Publications.

Edited Time: March 20, 2023Edited by: adminCategory: Publications

On March 16, 2023, the National Information Security Standardization Technical Committee (“NISSTC”) released a draft national standard, the Information Security Technology – Certification Requirements for Cross-border Transmission of Personal Information (Exposure Draft), to solicit public opinions until May 15, 2023.

The standard is applicable to the certification of personal information protection conducted by certification organs for personal information processors’ cross-border transmission of personal information.

It mainly provides for the basic principles and requirements for personal information processors to conduct cross-border transmission of personal information, as well as the requirements on the protection of the rights and interests of personal information holders.

Regarding the basic requirements, it specifies that personal information processors conducting cross-border processing of personal information and overseas recipients should sign a legally binding and executable document, and such document shall specify at least 11 aspects of content, covering the basic information of both parties, purpose, scope and etc. of the transmission, rights and interests of both parties, technical and management measures for risk prevention, etc.

Among others, the standard also provide that each of the two parties should designate a person in charge of the personal information protection.

For more information, please visit NISSTC at https://www.tc260.org.cn/front/bzzqyjDetail.html?id=20230316143506&norm_id=20221102152946&recode_id=50381