Table of Contents Table of Contents
Previous Page  128 / 192 Next Page
Information
Show Menu
Previous Page 128 / 192 Next Page
Page Background

have contravened a requirement under the Ordinance “to remedy and, if appropriate,

prevent any recurrence of the contravention”.

9.22

In those cases where the contravention is attributed to a lack of or an inadequate

privacy policy, the Commissioner may in the enforcement notice direct the relevant

data user to take such steps to promulgate, amend or modify its personal data handling

policies or practices to prevent similar breaches from occurring.

9.23

The Commissioner views favourably a systematic approach by data users in

implementing a privacy management programme

8

built upon a robust data privacy

policy and practices that are properly executed, reviewed and assessed by designated

data protection officer(s).

8

See

Privacy Management Programme: A Best Practice Guide

, available on the Website:

https://www.pcpd.org.hk//english/resources_centre/publications/files/PMP_guide_e.pdf
1 123 124 125 126 127 128 129 130 131 132 133 134 192  FlippingBook