On February 2, in order to help enterprises better manage and protect their personal data, the Hong Kong China Network Security Association x Alfacloud Data Privacy Committee sharing session was held at Alfacloud North Point office. The theme of the sharing session was "How enterprises protect their personal data - The Basics". A member of the Data Privacy Committee of the Association was the keynote speaker and shared with the members of the Association the methods and recommendations for protecting personal data. The event aims to raise awareness of data protection among businesses and individuals and promote the development of data security and privacy protection.
During the meeting, Ms. Chandy Ye, Director of the Data Privacy Committee, provided a detailed explanation of personal data. She pointed out that personal data is directly or indirectly related to individuals who can be identified by this information, such as name, phone number, email address, occupation, etc. She emphasized that when dealing with personal data, companies should follow the data protection principles, including data collection, accuracy and retention, data use, security measures, transparency, access and correction, to ensure the safe management and use of personal data.
Next, Mr. Vincent Ng, member of the Data Privacy Committee, shared the practical experience of PCPD and ZA Bank in establishing a privacy management system. In terms of project control, companies need to establish a list of personal data and formulate internal policies for processing personal data, assess related risks, and take corresponding measures to manage them. Additionally, to continuously optimize and improve privacy management systems, companies need to develop monitoring and review plans. This way, potential issues can be detected and improvements can be made in a timely manner, ensuring the optimal operation of the system.
Finally, Mr. Wong Kar Hong, a member of the Data Privacy Commission, explored in depth the similarities and differences in privacy protection legislation in the Association of Southeast Asian Nations (ASEAN) countries. He pointed out that these commonalities include accountability systems, extraterritorial application, usage restrictions, etc. To ensure compliance with privacy protection, countries have implemented a series of measures, such as establishing information management systems, training employees, appointing Data Protection Officers (DPO), and retaining information processing records. However, the biggest differences between privacy laws in various countries lie in their scope of application, such as whether they apply to government agencies, small and micro-enterprises, etc. For violations of privacy laws, different countries also have different punishment regulations, including fines, rectification, and warnings.
During the discussion segment, attendees actively expressed their views and suggestions on personal data protection. They unanimously agreed that with the rapid development of information technology and the internet, the challenges of personal data protection are increasing, and effective measures need to be taken to protect personal data security and privacy.
Here, the Hong Kong-China Cyber Security Association would like to thank all the data privacy experts for their wonderful sharing. In particular, the Association would like to thank AlfaCloud for their support in providing the excellent venue and services that made this symposium possible. The association looks forward to cooperating with more industry enterprises in the future to jointly promote the development of network security.
In the future, HKCNSA will continue to focus on personal data protection and cybersecurity issues, and through organizing seminars, industry exchanges, and other activities, raise awareness and capabilities of businesses and individuals regarding data protection.