29

PCPD News

私隱專員公署通訊

•

Issue no. 29

Mark Your Diary

活動日誌

Resources Updates

資源快訊

Statistics

統計

Glossary

詞彙

Technology Updates

科技新知

對企業和機構來說，儲存在其電腦系統

的資料，包括客戶、員工、商業合作夥

伴等個人資料，都是有用的數據和重要

的資產；加上不少機構順應潮流而紛紛

開拓網上業務，要妥善地管理這些網上

和電腦上的資料，有效的私隱政策及常

規至為重要。

除了資料保安，機構亦須履行《個人資

料

(

私隱

)

條例》下的責任，保障個人資料

私隱。

機構疏於個人資料保障，而在事後才採

取補救措施，不但費時失事，更有可能

會賠上機構的聲譽和顧客的信任。

以本港消費者為對象的調查研究指出：

•

市民對資料保安的關注有增加之勢，

互聯網資料保安的關注度升幅最大。

(1)

• 84%

受訪者擔心別人取得或使用自己

的信用咭及信貸資料；以及擔心個人

資料未經授權而被讀取或誤用。

(1)

• 56%

表示擔心網上購物和網上理財的

保安

(1)

• 81%

表示，若機構因資訊保安問題而

損害其個人資料私隱，他們不會再跟

有關機構交易。

(2)

網上私隱要自保 公司機構篇

Be Smart Online Resources for Businesses

The findings of studies on local consumers

show that:

• The concern about security, in particular

Internet security was on the rise.

(1)

• 8 4% o f t h e r e s p o n d e n t s we r e

extremely or very concerned about

other people obtaining or using their

credit/debit card details; and about

unauthorised access to or misuse of

their personal information.

(1)

• 56% were concerned about the

security of online shopping and online

banking.

(1)

• 81% said they would stop dealing

with an organisation, such as closing

their accounts, if their personal

information had been breached.

(2)

Furthermore, according to an overseas

study report, 51 % of the organisations

which allowed their employees to

bring their own devices to work had

experienced data loss resulting from

employee use of insecure mobile

devices.

(3)

To support organisations, the PCPD

provides a range of resources on its “Be

Smart Online” mini-website (

www.pcpd

.

org.hk/besmartonline/en/business.

html

). Tips for compliance when doing

business online and using Information

and Communication Technologies,

as well as guidelines and information

leaflets, are available.

另外，外國研究指出，容許員工使用流

動裝置的機構，半數機構曾經因為員工

不慎地使用流動裝置而外洩資料。

(3)

公署在「網上私隱要自保」專題網站為企

業和機構而設的專區（

www.pcpd.org

.

hk/besmartonline/business.html

），提

醒機構在應用互聯網和通訊科技時如何

妥善保障個人資料和私隱，並提供的指

引、單張或刊物以供參考：

For many businesses and organisations,

the data stored on their IT systems,

i n c l u d i n g t h e p e r s o n a l d a t a o f

c u s t ome r s , emp l o y e e s , bu s i n e s s

partners and so on, is a useful and

valuable asset. As more businesses

are operating online, it is essential

for organisations to put in place an

effective data privacy policy and

practice to properly manage the data

on computers and on the Internet

Apart from data security concern, they

should also note that there are legal

obligations under the Personal Data

(Privacy) Ordinance which govern how

businesses should manage personal

data to ensure privacy. Not protecting

your customer information could have a

negative impact on the reputation of your

business and customer relationship. It is

also costly for the organisation to arrange

a remedy.

資料來源

Sources

：

1. Unisys Security Index Report Hong Kong – May 2013

www.unisyssecurityindex.com.hk

2. Hong Kong customer actions after unauthorised access of personal information held by an organisation – Nov 2011

www.unisyssecurityindex.com/usi/hong-kong/additional_research

3. Research Report: Global Study on Mobility Risks by Ponemon Institute

www.websense.com/content/ponemon-institute-research-report-2012.aspx?cmpid=prnr2.29.12