PIPL: Staying Compliant with China's New Data Security Law
The PIPL, China's new data protection law, imposes several data processing regulations and strict penalties for businesses in violation of the new rules.
The European GDPR came into force for EU and EEA nations in 2018, and a revised UK version then came into play in 2021 following Brexit. In the US, 2020 started with a bang as the California Consumer Privacy Act (CCPA) officially kicked in, while the fall of the EU-US Privacy Shield agreement sent ripples through EU-US data flows.
Now, China has passed the Personal Information Protection Law (PIPL): the country's first national-level personal data protection regulation. China's new data security law came into effect on the 1st of November 2021 and prohibits the excessive collection of personal or sensitive information. Any collection of such data is limited to the minimum level necessary to fulfil a specific purpose.
While everyone in China will be affected, the PIPL will significantly impact employee data protection, meaning HR teams and businesses operating in China will have to be extra careful when handling their staff's personal information.
What happens if businesses fall short of the PIPL?
To read more, go to https://topsourceworldwide.com/