Hong Kong's data breach notification scheme: From the stakeholder's perspectives

Sandy Sabapathy, Ong Rebecca

Research output: Journal article publicationJournal articleAcademic researchpeer-review

2 Citations (Scopus)


Data breach notification laws have been enacted in an increasing number of economies
around the world. These laws establish the requirement for notice in the event of a data
breach incident. Although, there are a number of reasons for requiring data breaches to be
notified, the primary objective of the laws is to regulate organizations’ data security practices in order to protect the data privacy of its customers. In so doing, the data reporting
obligations promote accountability, transparency and trust, thereby improving the overall
organizational data security environment. Opinions are, however, divided amongst various
private sector stakeholders on the issue of mandatory data breach notification. Drawing on
the interviews with 24 private sector representatives with interest in data breach issues,
this article documents and examines their position on the appropriate regulatory approach
for data breach notification in Hong Kong .
Original languageEnglish
Article number105579
Pages (from-to)1-16
Number of pages16
JournalComputer Law and Security Review
Issue number105579
Publication statusPublished - Sept 2021


Dive into the research topics of 'Hong Kong's data breach notification scheme: From the stakeholder's perspectives'. Together they form a unique fingerprint.

Cite this