MILAN, Oct. 28 (Class Editori) -- Groups are increasingly encouraged to responsibly safeguard their customers' data and to periodically update privacy and security operations. Companies, in order to regulate the several adjustment efforts, must rely on an active observatory in step with the current digital framework.
This emerged from a study published by InTarget and focused on changes happened in the last years concerning personal data. "Data Security Law and Personal Information Protection Law will strongly affect companies that export to China, which will have to meet Beijing's standards. Since the law can be applied to every business processing personal information of every physical person in China, it also involves Italian firms," Stefano Generali, Managing Director of InTarget China, explained. "Data treatment activities must follow stricter rules, avoiding compromising national security, public interests and rights of China's inhabitants and organizations. Groups are increasingly encouraged to responsibly safeguard their customers' data, and this will require a periodical update of privacy and security operations and an active observatory in step with the current digital framework".
Data managers that need to provide information outside China's borders, both for business purposes and for other reasons, must fulfil specific conditions, the study reported. They must have passed the security assessment by state cyberspace authorities, obtained personal data protection certification by professional agencies, in accordance with the regulations of state cyberspace authorities, and signed a contract with overseas recipients to stipulate the rights and obligations of both parties.
Also, they must have supervised the activity of processing personal data of overseas recipients to ensure compliance with the standards of protection of such data under Chinese law. Any other conditions set forth in laws, administrative regulations or by the state cyberspace authorities must also be met. There is also information that can be transferred outside the PRC via the Internet, including data concerning purchase order to overseas seller, such as the name, cell phone number and address of the recipient, related to the delivery of a purchase order to overseas logistics service provider or concerning purchase order or the identity of the order recipient to overseas seller, customs agents and customs.
"Given these evolutions, it is necessary to be fully aware of the ways in which companies must operate in compliance with the regulations and of the possible sanctions in case of violation," Nicola Tanzini, Founder and Executive Chairman of InTarget, added.
During the short transition period, companies will be able to make preliminary assessments by using checklists. If a firm outside the PRC processes personal data of Chinese citizens, it will be necessary to have a competent entity in China that is responsible for the protection of personal information and can communicate with local supervisory authorities.
(Source:Class Editori)
Notice: No person, organization and/or company shall disseminate or broadcast the above article on Xinhua Silk Road website without prior permission by Xinhua Silk Road.
A single purchase
