2022 Apr | Volume 188

IT Security Policy for Application Systems on Personal Data Handling

As the public awareness, regulatory need, and the technical standard regarding personal data privacy evolves, colleagues may find it challenging to comply with these requirements when developing new IT application systems or revamping existing ones.

Endorsed by University IT Governance Committee (ITGC) in Feb 2022, the IT Security Policy for Application Systems on Personal Data Handling aimed to provide clear principles and easy-to-follow procedures to colleagues to handle personal data via IT systems.

The Principles of the Policy are:

  • To ensure personal data is only used as intended and within (legal) restrictions
  • To apply appropriate security measures to protect personal data
  • To provide good security practices against hacking and eavesdropping

In addition, the policy also includes the latest technical standard in various areas for IT application developers to follow:

  • Data encryption at rest
  • Data encryption in transit
  • Server protection and security hardening for on-premises application systems
  • Server protection and security hardening for public cloud application systems

Please visit the ITSC website for the full description of the policy.



back to issue
More Articles

ITSC Extends Service Hours to Support Exam


Highlight: More IT Services Rolling out this Summer


Highlight: Join ITSC Training to Equip Yourself


E-Interdepartmental Billings and Transfers (e-IBT) in CUSAP


IT Security Policy for Application Systems on Personal Data Handling


Mock Phishing Exercise for CUHK Staff


Graduates-to-be, Here Is a Checklist for You


Updates of University Software Standards


Care x Communication – ITSC User Group Meeting


Copyright(c) 2022. All Rights Reserved. The Chinese University of Hong Kong.