Are you on track for compliance with the Data Security Law of China?
On 10 June 2021, the Data Security Law (the "DSL") was passed in the Standing Committee of the National People's Congress and will take effect on 1 Sep 2021. The DSL serves as a fundamental legislation in the field of data security and compliance. Various obligations are imposed on entities that process any amount of data in and outside China. There is also expected to be a series of implementation rules to clarify the relevant obligations in the future.
How can multinational corporations prepare for compliance at this stage? We have listed the following the DSL Checklist to help companies grasp the important points and understand what they are suggested to do next to adapt to these rules more smoothly.
You also should be aware of the consequences in case of a violation. The legal liabilities may include warning, correction order, fine, suspension of business, and revocation of business license. This Checklist can serve as a quick-reference guide. On top of this, you are suggested to pay close attention to relevant updates. And it is highly recommended to ask professional law firms for help so that you can build reliable company policies and systems.
The DSL Compliance Checklist is as follows.
Category | Action(s) / Deliverable(s) | Article of DSL |
1. Scope of Application and Extraterritorial Reach | ||
(1) Application Scope and Extraterritorial Reach |
|
2 2 |
2. General Considerations for Data Processing | ||
2.1. Data Governance | ||
(2) Policy Framework |
|
27 27 27 33 |
(3) Incident Response |
|
29 29 |
(4) Trainings and Education |
|
27 |
Click here to continue reading . . .
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.