Being one of the most important implementation rules of the Personal Information Protection Law, the Security Assessment Measures for Cross-border Data Transfers (hereinafter referred to as “the Measures”) have come into force on September 1, 2022. Article 20 of the Measures provides a six-month grace period to enterprises that have already conducted Cross-border data transfer activities, that is, the relevant enterprises shall complete the rectification before March 1, 2023 (hereinafter referred to as “the Deadline”). 

Enterprises whose cross-border data transfers have not yet triggered the mandatory declaration may also choose to declare security assessment at their own discretion. Considering that the Deadline will soon lapse, we have selected and summarized some most concerned/asked questions, taking into account the most confusing topics under the assessment work together with some hands-on experience.

For more information on the topic, or any quesiton you may have for purchase, please contact: assistant@bestao-consulting.com