Jeremy,
Vontu has many built in policies that address the UK identifiers. As for Hong Kong and other locations, nearly evey country that I can think of has a unique identifier, similar to our U.S. SSN - Google can easily find those formats and regex's for you to work with. There are bank account numbers and credit card numbers to look at as well.
One thing you may want to consider prior to implementing these policies is the Privacy laws for each of the countires that you are monitoring. We had extensive talks with our Legal staff - both U.S. and abroad- and it was determined that we were not allowed to monitor the traffic out of certain countries. For example, any emails sent from Korea could not be monitored by U.S. staff. These incidents could only be viewed by those in Korea.
Vontu/Symantec's Legal department put together a great .pdf that covers the Privacy laws for a lot of the Asia-pac countries. I tried finding it on-line, but no luck. Maybe one of the fine folks at Symantec could get that over to you.
Regards,
Eric