App. A
GF 323
CONFIDENTIAL
- 3
-
機密
5.
(b)
(ii) to access to any such data held by a
data user; and
where appropriate, to have such data corrected or erased.
Eighth Principle: Appropriate security measures shall be taken against unauthorised access to, or alteration, disclosure or destruction of,
personal data and against accidental loss or destruction of personal data.
In considering whether the above principles should be adopted, the Working Group has also had regard to the exemptions under the subject-access and
non-disclosure provisions in the UK Act including those exemptions concerning national security, the prevention or detection of crime, the apprehension or prosecution of offenders, the assessment or collection of any tax or duty, data held for the purpose of discharging statutory functions, and for protecting the data subject or rights or freedoms of others.
6.
The Working Group proceeded to examine a comprehensive list of Government computer systems which contained personal data and selected four larger systems for detailed analysis and examination, namely :-
The Vehicle and Driver Licensing Integrated Data System (VALID);
(a)
(b)
The Tax Systems of the Inland Revenue Department;
(c)
The Police Operational Nominal Index Computer System (PONICS); and
(a)
The Social Welfare Payments Control System.
A summary of the findings is at Appendix A.
7.
Having studied the selected Government systems, the Working Group considered that the above principles of data protection were, by and large, being complied with. The only exception related to the Seventh Principle which states that the data subject shall have access to information held about him and be entitled to its correction. The concept of allowing data subjects access to personal information is not widely practised in Hong Kong. Most computer systems used in Government are not designed for such access though, if necessary resources were made available, conversions could be effected to cater for it.
CONFIDENTIAL **