Search: Advanced search
Browse by category:
How Bloombase helps customers achieve Personal Data Privacy Ordinance (PDPO) of Hong Kong?
The Office of the Privacy Commissioner for Personal Data has brought the Personal Data Privacy Ordinance in 1996.
The purpose of the Ordinance is to protect the privacy interests of living individuals in relation to personal data. It also contributes to Hong Kong's continued economic well being by safeguarding the free flow of personal data to Hong Kong from restrictions by countries that already have data protection laws.
The Ordinance suggested the following data protection principles
Purpose and manner of collection
This provides for the lawful and fair collection of personal data and sets out the information a data user must give to a data subject when collecting personal data from that subject.
Accuracy and duration of retention
This provides that personal data should be accurate, up-to-date and kept no longer than necessary.
Use of personal data
This provides that unless the data subject gives consent otherwise personal data should be used for the purposes for which they were collected or a directly related purpose.
Security of personal data
This requires appropriate security measures to be applied to personal data (including data in a form in which access to or processing of the data is not practicable).
Information to be generally available
This provides for openness by data users about the kinds of personal data they hold and the main purposes for which personal data are used.
Access to personal data
This provides for data subjects to have rights of access to and correction of their personal data.
Bloombase created Spitfire security platform to address compliance requirements suggested by Personal Privacy Ordinance to safeguard corporations and agencies from unwanted private data disclosure. Spitfire security appliances protect encryption and digital signing keys inside hardware security module (HSM) from disclosure and duplication. Spitfire appliances encrypt data with NIST certified AES, 3DES and DES cryptographic algorithms and create digital signatures to assure data integrity by international standards including Public Key Infrastructure (PKI), X.509 digital certificates and W3C XML digital signature.