In January 2020, the Hong Kong Constitutional and Mainland Affairs Bureau released a paper linking to discussions around amendments to the Personal Data Privacy Ordinance (“PDPO”). Although the mention of these amendments were announced well over a year ago now, Hong Kong has no indication as to when these updated provisions will come into force. It is important for schools in Hong Kong to understand the scope of the measurements tied to the PDPO amendments so that when they are implemented, your school can rest assured that data protection compliance is upheld without delay or inconvenience.
Although there has been no date for the implementation of these updated regulations set in stone as of yet, Hong Kong’s Privacy Commissioner has noted that they are working with the Hong Kong Government in proposing the new amendments to the PDPO. This means that the revised regulations will be on their way to implementation and schools should prepare for them. Just because regulations are not yet implemented, does not mean that a school must wait for them to arrive before they act on the matter.
Many of these regulations are already the standard in other countries. For example, these amendments are included in the European GDPR, meaning that we can look to European countries and understand what procedures they have in place to take action against the regulations. Learn lessons from Catriona Thompson, Bursar at Kingham Hill School in the UK on her journey to GDPR compliance. With GDPR being considered the gold standard for data privacy regulations, countries from around the world can understand what a good compliance programme looks like, along with best practices.
What will the PDPO amendments affect?
Understanding the main aspects of the upcoming implementation of the PDPO amendments in Hong Kong is imperative to schools as it will help them prepare for what lies ahead for Hong Kong data privacy. In ensuring that your school is prepared, there will be little to no chance of facing data privacy penalties when the amendments come into play.
A substantial part of compliance in schools is centred around an understanding of obligations. Whether your school is at the beginning of its data protection compliance programme, or well into it, 9ine’s training services are able to educate at all levels. Alongside this, we understand that there is a lack of applicable and instructional training focussed on data privacy and technology hardening. The 9ine Technical Academy and the 9ine Privacy Academy are designed to give you instructional, applicable, and understandable guidance towards data privacy and system hardening. This will allow you to implement best practices and procedures into your data privacy and IT compliance programmes.
If your school would like to know more about how 9ine can help with the implementation of the PDPO amendments