Next
Workplace monitoring under the provision of Personal Data (Privacy) Ordinacne
Workplace monitoring under the provision of Personal Data (Privacy) Ordinacne
2019-02-28
 |
Privacy is an important value in its own right. With more awareness over personal data protection, often times employees express their concerns over workplace monitoring as it may cost their privacy.
The Commissioner published a 'Privacy guidelines: monitoring and personal data privacy at work' t based on the Personal Data (Privacy) Ordinance (PD(P)O) which deals with the collection, use, security and retention of personal data.
Personal Privacy Collection
Ever suspected that your employer is spying on you and your co-workers' work? The Ordinance has a grey area in accepting certain flexibility in this sense as long as the monitoring act was done reasonably. Rationale in such privacy dispute always falls on the purpose and the intention of the employer.
In most cases, carrying out spot checks should suffice to serve the purpose(s) concerned. A bank, for instance, that deals with its clients over the phone doesn't need to monitor every call made, or received by its employees, provided that its objective is to ensure service quality.
The Commissioner often urges employers to respect the dignity and privacy rights of the employee whether or not personal data collection is involved. After all, privacy is an important value in its own right.
Six Data Protection principles:
Depite its vague & loose expression, the Ordinance allows certain degree of flexibility compromised by six data protection principles:
1. Data Collection Principle
- Personal data must be collected in a lawful and fair way, for a purpose directly related to a function /activity of the data user.
- Data subjects must be notified of the purpose and the classes of persons to whom the data may be transferred.
- Data collected should be necessary but not excessive.
2. Accuracy & Retention Principle
- Practicable steps shall be taken to ensure personal data is accurate and not kept longer than is necessary to fulfil the purpose for which it is used.
3. Data Use Principle
- Personal data must be used for the purpose for which the data is collected or for a directly related purpose, unless voluntary and explicit consent with a new purpose is obtained from the data subject.
4. Data Security Principle
- A data user needs to take practicable steps to safeguard personal data from unauthorised or accidental access, processing , erasure, loss or use.
5. Openness Principle
- A data user must take practicable steps to make personal data policies and practices known to the public regarding the types of personal data it holds and how the data is used.
6. Data Access & Correction Principle
- A data subject must be given access to his/her personal data and allowed to make corrections if it is inaccurate.
Disclaimer: This article serves as the provision of general information and reference only. It is not intended to be served or interpreted as any legal advice in any occasion, at any cost. Please seek professional help if you have any relevant legal issue.
Look out for further updates on our Facebook fan page!
Related Articles
Follow CTgoodjobs for the latest career news, hot topics and recommended jobs!