China’s first case of data export security assessment for data export approved in Beijing
Published: Jan 18, 2023 09:05 PM
Photo: IC

Photo: IC

China's first case of security assessment for data export between a hospital in Beijing and a university medical center in the Netherlands got approved in Beijing, providing practical guidance for strengthening the safety management of medical and health data exports and promoting international medical research cooperation. 

According to the Beijing office of the Cyberspace Administration of China (CAC), the collaborative research project between Beijing Friendship Hospital, Capital Medical University and Academic Medical Centre of University of Amsterdam (AMC-UvA) became China's first case of data approved to be exported, CAC announced on Wednesday. 

The approval of the project marked the first implementation of security assessments of important data and personal information collected within China which will be provided overseas, providing practical guidance for strengthening the safety management of medical and health data exports and promoting international medical research cooperation. 

The Measures for Security Assessment of Data Exports was issued by CAC on July 7, 2022 and started to be implemented on September 1, 2022. 

In a bid to promote the safe and free cross-border flow of data, Beijing Internet Information Office actively carry out the security assessment on the declarations of data exports by opening consultation hotlines, organizing policy interpretations, and promoting pilot cases. 

The office launched the nation's first provincial enquiry hotline for application and has answered more than 700 telephone inquiries and provided service to over 270 applicants. 

The office has organized and directed 16 institutions in key areas including social media, healthcare, finance, cars, civil aviation to file a formal declaration with two of them passing the assessment. 

The other project of Air China was also approved recently as the second successful case in the country, accumulating experience for the city to further guide and support more enterprises and institutions to solve the needs of data compliance for exports. 

Afterwards, the office will further strengthen direction on the declaration of the assessment and actively promote local companies and institutions to carry out assessment and declaration work in a timely, standardized and orderly manner.

China has been stepping up efforts to accelerate the implementation of regulations and standards targeting data in key sectors in a bid to strengthen data security.

According to the Data Security Law which took effect in 2021, if core state data is mishandled or national sovereignty is endangered, a fine of up to 10 million yuan may be issued and a business license may be suspended or revoked.

The trial regulations for industrial and information data security were issued by China's Ministry of Industry and Information Technology (MIIT) on December 13, 2022 and took effect on January 1, 2023. According to the regulations, vital and core data collected and generated by industrial and information data processors in China should be stored within the country if required by laws and administrative regulations. The regulations require important data in key areas to undergo a safety assessment before being provided overseas. 

Global Times