On April 3, the Hong Kong Office of the Privacy Commissioner for Personal Data (PCPD) announced the publication of the “European Union General Data Protection Regulation (GDPR) 2016” guidance document. The PCPD explains that the publication was issued to raise awareness among organizations and businesses in Hong Kong of the possible impact of the new regulatory framework for data protection in the GDPR. The guidance document covers various provisions of the GDPR, including extra-territorial application of the GDPR and new data privacy governance requirements. It also contains a chart illustrating major differences between the GDPR and the Personal Data (Privacy) Ordinance, Laws of Hong Kong (Cap 486).
In the announcement, the PCPD highlights that one of the new developments introduced under the GDPR is the “explicit requirement of compliance by organisations established in non-EU jurisdictions in specified circumstances.” Recognizing that the EU is Hong Kong’s second largest trading partner, the PCPD urges that Hong Kong organizations that collect and process personal data of EU individuals to be prepared to comply with GDPR requirements.
In addition, the PCPD highlights that it will continue to “assist local data users in understanding and complying with data protection regimes overseas.” Additional educational activities organized by the PCPD can be found on the PCPD website.