China: Closed consultation on TC260 draft standard on data security technology security requirements for government data processing

Description

Closed consultation on TC260 draft standard on data security technology security requirements for government data processing

On 14 June 2024, the National Network Security Standardization Technical Committee (TC260) closes the public consultation on the draft standard on data security technology security requirements for government data processing. The draft standard outlines guidelines for government data processing security, including technical requirements, personal information protection, and assessment methods. It establishes a framework for secure data handling, covering aspects such as organisation, systems, and third-party services. Additionally, it provides operational and supervisory requirements to ensure compliance and effectiveness. In regard to the obligations of the third parties entrusted to government data processing, the draft specifies that they have to comply with legal and contractual requirements regarding government data handling. They should establish organisational security measures, with the entrusting party overseeing security. Additionally, they must manage personnel security, including background checks and training, and provide regular feedback to enhance security measures based on assessments.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body

Complete timeline of this policy change

Hide details
2024-04-15
in consultation

On 15 April 2024, the National Network Security Standardization Technical Committee (TC260) publish…

2024-06-14
processing consultation

On 14 June 2024, the National Network Security Standardization Technical Committee (TC260) closes t…