Hong Kong's data breach notification scheme : From the stakeholders’ perspectives
Research output: Journal Publications and Reviews (RGC: 21, 22, 62) › 21_Publication in refereed journal › peer-review
Author(s)
Related Research Unit(s)
Detail(s)
Original language | English |
---|---|
Article number | 105579 |
Journal / Publication | Computer Law and Security Review |
Volume | 42 |
Online published | 7 Aug 2021 |
Publication status | Published - Sep 2021 |
Link(s)
Abstract
Data breach notification laws have been enacted in an increasing number of economies around the world. These laws establish the requirement for notice in the event of a data breach incident. Although, there are a number of reasons for requiring data breaches to be notified, the primary objective of the laws is to regulate organizations’ data security practices in order to protect the data privacy of its customers. In so doing, the data reporting obligations promote accountability, transparency and trust, thereby improving the overall organizational data security environment. Opinions are, however, divided amongst various private sector stakeholders on the issue of mandatory data breach notification. Drawing on the interviews with 24 private sector representatives with interest in data breach issues, this article documents and examines their position on the appropriate regulatory approach for data breach notification in Hong Kong.
Research Area(s)
- Data breach notification, Hong Kong, Qualitative investigation, Review of personal data (privacy) ordinance, Stakeholders’ perspectives
Citation Format(s)
Hong Kong's data breach notification scheme : From the stakeholders’ perspectives. / Ong, Rebecca; Sabapathy, Sandy.
In: Computer Law and Security Review, Vol. 42, 105579, 09.2021.Research output: Journal Publications and Reviews (RGC: 21, 22, 62) › 21_Publication in refereed journal › peer-review