The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers.
In...more
4/1/2024
/ China ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Free Trade Zone ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
New Regulations ,
Personal Information ,
Personal Information Protection Law (PIPL) ,
Regulatory Requirements ,
Risk Assessment ,
Security Risk Assessments ,
Sensitive Personal Information ,
Standard Contractual Clauses
The new law will require critical infrastructure entities to report certain covered cybersecurity incidents to government agencies within 72 hours; ransomware payments within 24 hours.
On March 15, President Biden signed...more