Excellent detailed summary from our friends at Dezan Shira’s China Briefing: https://www.china-briefing.com/news/china-cybersecurity-regulations-what-do-the-new-regulations-say/
Good quick summary from Axios on how the China PIPL applies for companies outside of China: https://www.axios.com/china-data-privacy-law-foreign-businesses-297f3d9c-51a9-4053-91c2-fd27e4f89274.html
Excellent PDF with status and HR process recommendations from PwC, including next steps you can take now: HR Compliance Management: Measuring the Impact of the upcoming PIPL
Good FAQ from One Trust’s Data Guidance – useful details on exterritorial reach, DPO, an more: https://www.dataguidance.com/opinion/china-pipl-frequently-asked-questions
Summary of how the new China PIPL affects employment contracts, background checks, etc. from the International Lawyers Network: FAQs on China Employment Law Basics
Bay Area vendor Securiti.ai has a comprehensive toolset for GDPR and the China PIPL, with support for all key PIPL processes, including cookies, data requests, reports, consent, and PIPL readiness – see their PIPL product section.
Good summary and info about how the Supreme People’s Procuratorate (SPP) will address personal information protection through public interest litigation. See article and links to the announcements at the China Justice Observer: Personal Information Protection: Next Battlefield for China’s Public Interest Litigation?
From ALA Consulting in China, a good summary of how the China PIPL impacts your HR processes, interviews, etc. https://www.linkedin.com/pulse/impact-china-pipl-hr-management-ii-susan-kang/
Bay Area vendor TrustArc has a wide variety of tools that support the GDPR, etc. and are already supporting PIPL processes – see their product section. They also have extensive content on the China PIPL in their PIPL Center.
The new China PIPL is very strict on who and how you can share personal information and data. This affects everything from payroll to email marketing to product fulfillment and more. These are about trusted persons and contracts with them, which must include: Purpose – Why are you sharing data with these vendors, etc.? TimeContinue reading “Data Sharing – Your 3rd Party Vendors”