PRIVACY AND DATA PROTECTION


From: Kitty Choi, Head, Efficiency Unit
To: Heads of Department
Date: 27 May, 2009

PRIVACY AND DATA PROTECTION ARE SENIOR MANAGEMENT CONCERNS

The way in which organisations manage and protect personal information has never been under such scrutiny as now. The current climate of concern stems from a series of mass leakages of personal information. In the first quarter of 2009, more than 150 privacy incidents happened around the world while over 3 million personal records were disclosed unintentionally (Source: Open Security Foundation). Recently in Hong Kong, repeated incidents of loss of removable devices (e.g. USB), inappropriate use of peer-to-peer applications (e.g. Foxy) or loss of data servers have been extensively reported by the media.

These privacy breaches reflect a spectrum of risks throughout the data management lifecycle, which consists of collection, storage, retention, use, sharing, archival, disposition and destruction of data. These risks may include regulatory non-compliance, impact on operations, lack of public trust, legal liabilities, identity theft/information misuse, and last but not least, reputation risk.

Privacy and data protection issues require strategic attention from leaders. Merely plugging the technology loophole may provide an interim solution at best but it will not solve the problem longer term.

In response to client needs, consulting firms have established their own frameworks to protect personal data. The EU recently met with Deloitte’s Enterprise Risk Services Practice and we would like to share their insights in this newsletter.

SOURCES OF DATA LEAKAGE

Data leakage might occur through simple day-to-day activities such as handling of physical records, e-mail exchanges, telephone conversations, data-sharing on USB flash drives and usage of peer-to-peer software or instant messaging services.

Recent research reported that there were over 1,000 personal data incidents worldwide from 2005 to June 2008, in which 50% of the cases were due to accidental exposure, human or system errors, improper data disposal and loss of removable media, and 46% of cases involved data with no protection at all (Source: Computer Weekly).

CHALLENGES TO PRIVACY AND DATA PROTECTION

According to a global security survey of the world’s top 100 global financial institutions conducted by Deloitte in 2008, 48% of respondents indicated that the loss of customer data/privacy issues/information leakage was their highest concern. Human error is overwhelmingly stated as the greatest weakness (86%) followed by technology (63%). While the Government operates in a different paradigm, the fact that we possess a huge amount of personal data across different government departments and given the high expectation the public has on us to guard their privacy, we need to be ahead of this game.

Respondents also expressed concern about the growing popularity of social networking technologies (e.g. Facebook), instant messaging technologies (e.g. MSN) and the proliferation of storage devices (e.g. USB) as well as mobile devices (e.g. Blackberry).

As a result, more than half of the respondents surveyed restricted the use of social networking (53%) or instant messaging technologies (58%) but, for productivity reasons, they allowed employees to use storage devices (73%) or mobile devices (90%). Nevertheless, less than 40% of respondents offered employee guidelines on the secured use of these devices and only around 40% published policies on acceptable business use.


The survey also showed that only 44% of respondents have assigned a dedicated privacy executive
officer whose major responsibilities are to analyse regulation, develop privacy strategy, enforce
policies, provide internal consulting on privacy issues, conduct training, respond to incidents,
monitor and measure compliance, and perform risk assessments.


When asked to select the most influential drivers for management attention on privacy, respondents cited the need to comply with privacy regulations (79%), protection of brand and reputation (70%) and potential liability (55%) as their top three choices.

A COMPREHENSIVE DATA CONTROL FRAMEWORK AND A HOLISTIC APPROACH

To address the privacy and data protection issues, organisations are often locked into a reactive mode. According to another survey conducted by Deloitte, privacy and security professionals spend more than 50% of their time responding to privacy breaches such as investigation, remediation, incident reporting and notification as well as communication with customers, employees and stakeholders. Respondents struggle to allocate time to consider proactive privacy protection measures.

In addition, organisations often view personal data leakage to be a technology issue and respond with tactical measures such as implementing additional stringent IT security controls. However, technology is not the panacea. Insufficient support from management and staff as well as an inadequate framework would undermine the effectiveness of data protection.

Therefore, a data control framework may be established at different levels of the organisation to include:
• Governance: The level at which privacy strategy is formulated and applied to the unique organisation environment;
• Operations: The level at which day-to-day operational procedures and staff awareness regarding data privacy are established; and
• Maintenance: The level at which on-going monitoring and controls are applied effectively, especially in the light of any changes in process and technology.

In parallel, a holistic privacy protection programme with a layered enforcement among People, Process and Technology may also be formulated.

• People serve as the most important and integral part of data protection. This requires support from the department’s top management, awareness of all staff, as well as a sound culture on data protection.
• Processes should be well organised and documented in order to minimise human error which may cause a violation of data privacy protection. Policies should be established to provide general data privacy principles.
• Technology supporting the process should be appropriately implemented to minimise the risk of leakage of personal information within the data management lifecycle.

SUMMARY

Data leakage incidents are serious threats to organisations of all sizes and across various operational functions. They often attract negative publicity and reputation management becomes an issue. However, addressing privacy and data protection issues merely from the technology perspective will not provide a robust and long term solution. Organisations should be proactive and adopt a holistic approach to protect personal information. Developing a culture that is sensitive to the day-to-day handling of personal data will help minimise the reliance on crisis
management when data leakage incidents hit the media.                                                      jckli@eu.gov.hk
                                                                                                    Tel: 2810 2306
                                                                                                             Tel: 2165 7206

If you wish to find out more about the framework and the surveys mentioned in this newsletter,
please visit http://www.deloitte.com


Efficiency Unit
May 2009





EU newsletter on Data Privacy
