Data storage and management is one of the cornerstones of an effective IT infrastructure, enabling businesses to safely store, manage, and exchange information with third-parties – clients or business partners – without risk. This allows them to streamline processes while increasing efficiency, reducing costs, and providing superior customer service.
Hong Kong’s data center industry is flourishing thanks to its strategic location and vibrant economy. Hong Kong offers free flow of information without restrictions or censorship and offers strong protection for personal privacy, making it the ideal place for global data centres.
Financial services & insurance, trading & logistics and the high-tech sector all rely heavily on ICT for growth; an increase in computing power demand has generated an increased need for data centre space.
Data centers have become one of the fastest-growing segments of Hong Kong’s ICT industry and have become essential components for various sectors within its economy.
Hong Kong is an outstanding global data center hub, boasting excellent infrastructure and connectivity with other parts of Asia and beyond. Additionally, its IT industry features highly developed IT professionals with mobile skillsets who speak multiple languages; Hong Kong boasts highly competitive taxation systems with low corporate tax rates for added attraction.
Hong Kong data protection laws are built around six core data protection principles. The Personal Data (Privacy) Ordinance (“PDPO”) protects the rights and interests of data subjects while setting forth specific obligations on data controllers to regulate collection, processing, holding and using of personal data through various mechanisms.
Furthermore, the PDPO defines what constitutes personal data in accordance with international norms, similar to that found in mainland China’s Personal Information Protection Law or Europe’s General Data Protection Regulation. Personal data refers to information pertaining to an identifiable natural person.
To obtain permission to transfer data outside Hong Kong, a data user must secure both voluntary and express consent of their data subjects by creating and providing them with a Personal Information Collection Statement (“PICS”). This should include an explanation as to why and what this data will be used for.
As soon as a data user becomes aware of any change to the purpose for which personal data was collected, or classes of people with whom it may be shared, their PICS must be updated immediately.
Data transfers are an integral component of business operations. Therefore, it’s vital for organizations to understand the rules and regulations surrounding personal data transfers so as to minimize compliance risk and ensure efficient data flows across their organisation. Padraig Walsh from Tanner De Witt’s data privacy team gives an overview of personal data transfers in and out of Hong Kong.