Surveys/ Study Reports

Survey Of Organizations

A mail questionnaire survey of organizations was conducted from mid-February to late April in 1999. A total of 463 data users from the public and private sectors holding a relatively large amount of non-employee personal data had completed and returned the questionnaire. The questionnaire studied their attitudes to, and measures taken to comply with, the Ordinance.

1. Organizational arrangements to comply with the Ordinance

   Compliance with the Ordinance with the Ordinance 77.4% of the respondents in the 1999 survey claimed that the management in the organizations has officially adopted policies and practices to comply with the Ordinance (Figure 19).

   
2. Organizational staff arrangements to comply with the Ordinance

   Most organizations used existing staff for both co-ordination and implementation (Figure 20). Instead of setting up a new post of a dedicated data protection/data compliance officer, organizations preferred to allocate the additional duty to the human resources managers or other senior staff. In smaller organizations of less managerial specialization, in particular, the personal data privacy duty was borne by senior staff(Figure 21), in 1999, 21% of the respondent organizations had still not made changes in their staff arrangements (Figure 20) and 26.5% of the respondents responded that there were no specific staff or even no one in the organization responsible for personal data privacy (Figure 21).

   
   
   
3. Help provided to organizational staff

   Internal guidelines and circulars and briefings in regular meetings continued to be the most important assistance for staff to comply with the requirements of the Ordinance in the 1999 survey. Guidelines issued by representative bodies and training seminars of lectures had played a relatively minor role (Figure 22).