On 24 June 2024, the Chinese National Network Security Standardization Technical Committee Secretariat (TC260) closes the consultation on the draft cybersecurity standard practice guidelines-sensitive personal information identification guidelines. The guideline aims to assist personal information processors in accurately identifying sensitive personal information and to establish standardised practices for the processing, export, and protection of such information. The sensitive personal information addressed in the draft includes biometric data, religious beliefs, special identity information, health information, financial data, location data, minors' information, and other data which encompasses sexual orientation and others. The feedback received will inform the finalisation of the guidelines, which are designed to support organisations in the processing, export, and safeguarding of sensitive personal information in line with data protection regulations.
Original source