A PDPO compliance checklist for Hong Kong SMEs

The minimum data-protection controls every HK business should have in place this year.

Hong Kong's PDPO has real teeth. This checklist covers the smallest set of changes that materially reduce risk: data inventory, lawful basis, retention policies, breach response, vendor due diligence and staff training. We map each item to the controls we deploy for clients.