The Office of the Privacy Commissioner for Personal Data is an independent statutory body set up to oversee the enforcement of the Personal Data (Privacy) Ordinance (Cap. 486) which came into force on 20th December, 1996.
Mission Statement
To secure the protection of privacy of individuals with respect to personal data through promotion, monitoring and supervision of compliance with the Ordinance.
Strategies and Key Goals
Enforcement
|
Strategies |
Key Goals |
-
To ensure equity, fairness and operational efficiency
-
To act independently, impartially and without fear or favour
-
To partner with other regulators, leveraging their legislative mandates, institutional tools and enforcement powers
-
To partner with overseas data protection authorities for handling cross-border privacy issues and complaints
|
-
Complaints are investigated and resolved efficiently in a manner that is fair to all parties concerned
-
Enquiries are responded to professionally and efficiently
-
Meritorious applications for legal assistance are entertained and aggrieved individuals compensated
|
Monitoring and Supervising Compliance
|
Strategies |
Key Goals |
-
To investigate proactively and fairly into areas where the privacy risks are significant
-
To partner with other regulators, leveraging their legislative mandates, institutional tools and enforcement powers
-
To partner with overseas data protection authorities for handling cross-border privacy issues and complaints
|
-
Organisational data users are facilitated to meet their data protection obligations and adopt good privacy practices
|
Promotion
|
Strategies |
Key Goals |
-
To seek proactively the holistic engagement of stakeholders
-
To promote best practices among organisational data users on top of meeting minimum legal requirements
-
To maximise publicity and education impact through websites, publications and media exposure
-
To engage the community, in particular, young people
-
To use lessons learnt from investigations as a means of educating data users and data subjects
|
-
A better understanding of the laws and principles in the community is articulated, recognising not only the rights and obligations but also expectations and limitations in personal data protection
-
Organisations in public and private sector understand their obligations as data users under the Ordinance and the ways to meet them
-
Individual and organisational data users understand the role of the PCPD and the assistance the PCPD may provide
|
Corporate Governance
|
Strategies |
Key Goals |
-
To adhere to the principles of transparency and accountability
-
To maximise utilisation of resources to achieve economy, efficiency and effectiveness
-
To make continuous effort to streamline work procedures
-
To apply a “selective in order to be effective” approach in prioritising work, with an emphasis on assignments that will have the greatest impact
-
To build and maintain a loyal and professional team
|
-
High standard of corporate governance is achieved
|
Meeting Changing Needs
|
Strategies |
Key Goals |
-
To keep abreast of technological development
-
To monitor international development and trend
-
To keep track of evolving local privacy expectation
|
-
Existing and proposed laws and regulatory systems are relevant and effective
|