Tag: Data Mapping

The audit on personal data protection is coming

Posted in Compliance, Cyber security, Data Protection, Future, General, LawLeave a comment

The Cyberspace Administration of China (CAC) published the Administrative Measures for the Audit of Personal Information Protection Compliance for Comment in August. The aim is to operationalize the regular compliance audit for processors of personal information in accordance with Article 54 and 64 of the Personal Information Protection Law (PIPL). The administrative measures specify the… Continue reading The audit on personal data protection is coming

China’s Twenty Data Measures Promotes Data Governance

Posted in Compliance, Cyber security, Data Protection, Future, General, LawLeave a comment

China’s data production reached 6.6 Zettabytes (ZB) in 2021, accounting for 9.9% of total global data production. This puts China second only to the United States (16 ZB). In order to further enhance digital productivity, the Opinions on Building a Basic Data System to Better Fulfill the Role of Data Elements (Twenty Data Measures) were… Continue reading China’s Twenty Data Measures Promotes Data Governance

Shanghai improves data protection

Posted in Compliance, Cyber security, Data Protection, Future, General, LawLeave a comment

Shanghai is raising the level of data protection in the city. A pilot program will classify and tiered data categories and develop catalogs of important data. To this end, the program will identify typical cases, develop general methods, and provide training to meet needs. The background is the Data Security Law (DSL), which includes classified… Continue reading Shanghai improves data protection

Cross-Border Data Transfer outside China: Attentive to the Rectification Period

Posted in Compliance, Cyber security, Data Protection, GeneralLeave a comment

Companies operating in China should be attentive to the Measures on Security Assessment of Cross-Border Data Transfers (Measures), published on July 7, 2022, as they take effect as early as September 1, 2022.  Among other things, the Measures require data processors to conduct a security assessment when: 1. Providing critical data outside of China. 2.… Continue reading Cross-Border Data Transfer outside China: Attentive to the Rectification Period

Important Data: More Duties for Processing

Posted in Compliance, Cyber security, Data Protection, Future, General, LawLeave a comment

China is fleshing out its data protection rules. The Network Data Security Management Regulation (Draft for Comments), published in November 2021, provides more detailed guidance regarding the obligations of processors of important data. Data is divided into general data, important data, and national core data. Important data refers to data that may jeopardize national security… Continue reading Important Data: More Duties for Processing

The PIPL Requires Data Mapping of Personal Information

Posted in Compliance, Cyber security, Data Protection, Future, LawLeave a comment

With the new Personal Information Protection Law (PIPL), the assessment of the impact on data subjects through the Personal Information Security Impact Assessment (PISIA) becomes the center of attention. PISIA assesses the legal compliance of current personal data processing, identifies the risks to data subjects, and evaluates the effectiveness of the data protection measures taken.… Continue reading The PIPL Requires Data Mapping of Personal Information