China: Closed consultation on Implementation Rules for Data Security Risk Assessment in the Industrial and Information Technology Fields

On 8 November 2023, the Ministry of Industry and Information Technology of the People’s Republic of China (MIIT) closed the public consultation on the Implementation Rules for Data Security Risk Assessment in the Industrial and Information Technology. The Rules apply to entities handling important data and core data in the industrial and information fields. The Rules outline the content of the risk assessment report in order to improve the level of data security management and the security measures that have to be followed when selecting a third-party assessment body. Under the draft rules, the entities would be required to complete a data security risk assessment at least once per year.