The People's Bank of China, the country's central bank, released a set of draft administrative measures on Monday to strengthen the security management of data related to the PBOC's activity, as part of China's ongoing efforts to complete its data security system.
Soliciting public opinions through August 24, the draft administrative measures are aimed at guiding and supervising relevant entities performing their obligation of data protection and processing the data generated or collected from the PBOC's regulatory activity in accordance with laws and regulations.
The draft measures require relevant data processors to establish and improve their data classification system so as to implement differentiated data protection and refine the accountability procedures for non-compliant data processing activities.
The central bank is in charge of dealing with the requests for data related to its regulatory activity from international institutions and foreign financial authorities, and any data handlers shall not provide such data, stored domestically, to international institutions and foreign financial authorities without the approval of the PBOC and other relevant regulators.
Formulated according to the country's Cybersecurity Law and other laws and regulations, the new measures have specified the bottom-line requirements for data security compliance when it comes to the PBOC's regulatory activity and filled an administrative vacuum, the central bank said.