Situation

Appropriate Steps

• mark mail “private and confidential” if

intended for the eyes of the addressee only

• make sure a dedicated fax machine, if

available, is used at the receiving end

• notify the recipient of the incoming fax in

advance

• double-check the accuracy of the fax number

before dialing

Service of

legal

documents

1

• deliver documents in sealed envelopes marked

“private and confidential” and, where

appropriate, “to be opened by addressee

only”

• do not leave documents in common areas or

places to which any passers-by may have

access

• do not leave documents with unrelated parties

such as neighbours or caretakers

• do not show the documents to unrelated

parties such as caretakers or passers-by

• ensure correctness of the address for service

• do not disclose contents of documents to

unrelated parties for the purpose of obtaining

an acknowledgement receipt of the

documents

(The above suggested steps are subject to any

statutory requirements that may apply to the

mode of service of particular documents.)

When handling personal data stored electronically, data users may consider implementing the

following security measures:

Situation

Appropriate Steps

Governance

• consider adopting privacy by design and

privacy management programme to oversee

data protection at corporate level

• establish formal data protection and security

organisation including defining roles and

responsibility of individuals involved

• integrate data protection and security into the

human resource process including

employment contract terms and ongoing data

1

See Law Society circulars 98-293 (issued on 2 November 1998) and 08-417 (issued on 21 July 2008).