HK launches data governance framework

Hong Kong has introduced a new framework for big-data management, establishing governance principles and forming an independent evaluation system. Overseen by the Hong Kong Institute of Big Data Governance (IBDG), the push is on for setting standards in how information is used online as the city ramps up its transition to a digital economy. 

But it is not only for Hong Kong: the initiative is widely seen as building a foundation for data to flow more freely, while at the same time being better managed, within the Greater Bay Area. 

Its backers are promoting Hong Kong the a natural choice for a data depository and processing center for the region. “With proper big data governance, Hong Kong can take a leading role facilitating cross-border data flow and establishing itself as the data hub for GBA, for Asia, and possibly globally in the long run,” said Allen Yeung, founding chairman of IBDG. 

Taking reference from the EU’s General Data Protection Regulation and China’s Cyber Security Law as well as other global standards, the newly launched data governance framework offers an overarching approach to how enterprises collect, manage and archive data, according to Yeung. 

The key principles of the framework cover four main areas: data governance, data leaks, data transfers and continuous improvement. 

In data governance, corporations have to be open, fair and transparent in using data; data handling and storage must follow the principle of minimizing the permission right and ensure the accuracy, completion and confidentiality of the process. 

In cases of data leakage, the institute requires data controllers report cases to victims and regulators within 72 hours. Yeung stresses that this procedure aligns with EU standards. 

Data transfer refers to efforts to support the development of a digital economy. Verified members of the institute are encouraged to exchange data, whether it is inside or outside Hong Kong or cross-industry. The institute will adopt an independent third-party evaluation system to ensure its members follow international standards of data governance and ensure their continuous improvement.  

Stephen Wong, Hong Kong’s privacy commissioner for personal data, says the institute will learn from the EU and establish a “white list” that is compatible with international data governance standards. The list will showcase the type of data allowed to flow freely, their targeted industries and usage. It will be shared with industries to foster trust with international enterprises.

Yeung believes that by building standards in data governance here, other countries will develop more confidence in Hong Kong’s capabilities. These principles would not only accelerate digital transformation in the city but also provide a framework to facilitate reliable cross-border data flow. 

A non-profit platform, the IBDG was founded late last year by a group of industry veterans with the mission to build Hong Kong as an international data hub and to promote good self-governance for the big data industry in Hong Kong and beyond. 

Its founding members include: Hong Kong Stock Exchange, Ping An Insurance, China Light & Power (CLP), Fung Group, E&Y, Alibaba Cloud Computing, Amazon Web Services, China Unicom, Microsoft, OneAsia Network, SAP, i-Advantage and Tencent Cloud.  

Tell us what you think