GF 323
CONFIDENTIAL
- 5
機密
should be instituted to restrict the extent of access to the actual operational needs of the different levels of the staff members.
Fourth Principle
-
The information shall be adequate,
relevant and not excessive in relation to the specified purposes
23.
Again, the studies show that the Departments are adhering closely to this principle.
-
Fifth Principle The information shall be accurate and, where necessary, kept up to date
24.
Information is verified to ensure its accuracy when it is being collected. By requiring annual returns from employers and taxpayers, Inland Revenue Department is keeping the information up-to-date. The other departments, while updating their records as changes come to their notice, do not actively seek to verify their data periodically.
Sixth Principle The information shall be kept in a form which permits identification of the data subject for no longer than is necessary for the specified purpose
25.
In some cases, no definite retention periods are set. Records with accounting information are usually retained according to the requirements of the Treasury or the Audit Department. This could mean that the information is held for longer than is necessary for the specified purposes. Where records are kept for
statistical purposes, no action is taken to make the data subjects not directly identifiable.
-
Seventh Principle The data subject shall have access to factual information held about him and be entitled to its correction where the legal provisions safeguarding personal data have not been complied with
26.
In no case are data subjects allowed access to all the information held about them, since allowing access is a concept new in Hong Kong.
27.
Except in the case of PONICS, most of the data are actually supplied by the data subjects themselves and revealed to them in one way or another and this provides the opportunity for data subjects to point out errors and ask that these be corrected.
Eighth Principle
-
Appropriate security measures must be taken against unauthorized access to, alteration or dissemination, accidental loss and accidental or unauthorized destruction of data
J
CONFIDENTIAL
機密
No comments yet.
Private notes are available after approval.