当前位置: 顺通范文网 > 专题范文 > 公文范文 >

【中英文对照版】数据出境安全评估办法(范文推荐)

| 浏览量:

下面是小编为大家整理的【中英文对照版】数据出境安全评估办法(范文推荐),供大家参考。

【中英文对照版】数据出境安全评估办法(范文推荐)

 

  1 数据出境安全评估办法 Measures for the Security Assessment of Outbound Data Transfer 【中英文对照版】

  发布部门:

 国家互联网信息办公室

 发文字号:

 国家互联网信息办公室令第 1 11 号

 发布日期:

 2022.07.07

 实施日期:

 2022.09.01

 效力级别:

 部门规章

 法规类别:

 网络安全管理

 Issuing Authority :

 Cyberspace Administration of China Document Number :Order No. 11 of the Cyberspace Administration of China

 Date Issued :07-07-2022

 Effective Date :09-01-2022

 Level of Authority :

 Departmental Rules Area of Law :

 Network Security Management

  Order of the Cyberspace Administration of China 国家互联网信息办公室令

  (No. 11) (第 11 号)

  The Measures for the Security Assessment of Outbound Data Transfer, as deliberated and adopted at the 10th executive meeting of the Cyberspace Administration of China in 2022 on May 19, 2022, are hereby issued and shall come into force on September 1, 2022. 《数据出境安全评估办法》已经2022 年 5 月 19 日国家互联网信息办公室 2022 年第 10 次室务会议审议通过,现予 公布 , 自2022 年 9 月 1 日起施行。

  Zhuang Rongwen, Director of the Cyberspace Administration of China 国家互联网信息办公室主任 庄荣文

  July 7, 2022 2022 年 7 月 7 日

  Measures for the Security Assessment of Outbound Data Transfer 数据出境安全评估办法

  Article 1 These Measures are developed in accordance with the Cybersecurity Law of the People"s Republic of China, the Data Security Law of the People"s Republic of China, the Personal

  第一条 为了规范数据出境活动,保护个人信息权益,维护国家安全和社会公共利益,促进

  2 Information Protection Law of the People"s Republic of China, and other applicable laws and regulations for the purposes of regulating outbound data transfer activities, protecting personal information rights and interests, safeguarding national security and public interest, and promoting the safe and free cross-border flow of data. 数据跨境安全、自由流动,根据《中华人民共和国 网络安全法》、《中华人民共和国数据安全法》、《中华人民共和国个人信息保护法》等法律法规,制定本办法。

  Article 2 These Measures shall apply to the security assessment of data processors" provision of important data and personal information collected and generated in their operations within the territory of the People"s Republic of China to overseas recipients. If it is otherwise provided for in any law or administrative regulation, such provisions shall prevail.

  第二条 数据处理者向境外提供在中华人民共和国境内运营中收集和产生的重要数据和个人信息的安全评估,适用本办法。法律、行政法规另有规定的,依照其规定。

  Article 3 The security assessment of outbound data transfer shall adhere to the integration of prior assessment and continuous supervision and the integration of risk self-assessment and security assessment, so as to prevent security risks arising from outbound data transfer and ensure the orderly and free flow of data in accordance with the law.

  第三条 数据出境安全评估坚持事前评估和持续监督相结合、风险自评估与安全评估相结合,防范数据出境安全风险,保障数据依法有序自由流动。

  Article 4 To provide data abroad under any of the following circumstances, a data processor shall apply to the national cyberspace administration for the security assessment of the outbound data transfer through the local provincial cyberspace administration:

  第四条 数据处理者向境外提供数据,有下列情形之一的,应当通过所在地省级网信部门向国家网信部门申报数据出境安全评估:

  (1) The data processor provides important data abroad. (一)数据处理者向境外提供重要数据;

  (2) The critical information infrastructure operator or the data processor that has processed the personal information of over one million people provides personal information abroad. (二)关键信息基础设施运营者和处理 100 万人以上个人信息的数据处理者向境外提供个人信息;

  (3) The data processor that has provided the personal information of over 100,000 people or the sensitive personal information of over 10,000 people cumulatively since January 1 of the previous year provides personal information abroad. (三)自上年 1 月 1 日起累计向境外提供 10 万人个人信息或者1 万人敏感个人信息的数据处理者向境外提供个人信息;

  3

  (4) Any other circumstance where an application for the security assessment of outbound data transfer is required by the national cyberspace administration. (四)国家网信部门规定的其他需要申报数据出境安全评估的情形。

  Article 5 A data processor shall, before applying for the security assessment of outbound data transfer, conduct a self-assessment of the risks in the outbound data transfer with a focus on the assessment of the following matters:

  第五条 数据处理者在申报数据出境安全评估前,应当开展数据出境风险自评估,重点评估以下事项:

  (1) The legality, legitimacy, and necessity of the purpose, scope, and method, among others, of the outbound data transfer and data processing by the overseas recipient. (一)数据出境和境外接收方处理数据的目的、范围、方式等的合法性、正当性、必要性;

  (2) The size, scope, type, and sensitivity of the data to be transferred abroad, and the risks that the outbound data transfer may endanger national security, public interest, or the lawful rights and interests of individuals or organizations. (二)出境数据的规模、范围、种类、敏感程度,数据出境可能对国家安全、公共利益、个人或者组织合法权益带来的风险;

  (3) The responsibilities and obligations that the overseas recipient undertakes to assume, and whether the overseas recipient"s management and technical measures and capabilities, among others, to perform its responsibilities and obligations can ensure the security of the data to be transferred abroad. (三)境外接收方承诺承担的责任义务,以及履行责任义务的管理和技术措施、能力等能否保障出境数据的安全;

  (4) The risk that the data may be tampered with, destroyed, divulged, lost, transferred, illegally obtained, or illegally used, among others, during and after the outbound data transfer;and whether the channels for the protection of personal information rights and interests are smooth, among others. (四)数据出境中和出境后遭到篡改、破坏、泄露、丢失、转移或者被非法获取、非法利用等的风险,个人信息权益维护的渠道是否通畅等;

  (5) Whether data security protection responsibilities and obligations are fully agreed upon in the contract to be concluded with the overseas recipient in relation to the outbound data transfer or any other legally binding document, among others (hereinafter collectively referred to as the “legal documents”). (五)与境外接收方拟订立的数据出境相关合同或者其他具有法律效力的文件等(以下统称法律文件)是否充分约定了数据安全保护责任义务;

  (6) Other matters that may affect the security of the outbound data transfer. (六)其他可能影响数据出境安全的事项。

  Article 6 To apply for the security assessment of outbound data

  第六条 申报数据出境安全

  4 transfer, the following materials shall be submitted: 评估,应当提交以下材料:

  (1) A written application. (一)申报书;

  (2) A report on the self-assessment of the risks in the outbound data transfer. (二)数据出境风险自评估报告

  (3) The legal documents to be concluded between the data processor and the overseas recipient. (三)数据处理者与境外接收方拟订立的法律文件;

  (4) Other materials as required for the security assessment. (四)安全评估工作需要的其他材料

  Article 7 The provincial cyberspace administration shall complete the examination of the completeness of application materials within five working days after receiving them, and if the application materials are complete, submit them to the national cyberspace administration; or if the application materials are incomplete, return them to the data processor and inform the data processor of all required supplements at one time.

  第七条 省级网信部门应当自收到申报材料之日起 5 个工作日内完成完备性查验。申报材料齐全的,将申报材料报送国家网信部门;申报材料不齐全的,应当退回数据处理者并一次性告知需要补充的材料。

  The national cyberspace administration shall, within seven working days after receiving the application materials, determine whether to accept the application and notify the data processor of the decision in writing. 国家网信部门应当自收到申报材料之日起 7 个工作日内,确定是否受理并书面通知数据处理者。

  Article 8 The security assessment of outbound data transfer shall focus on assessing the risks that the outbound data transfer may endanger national security, public interest, or the lawful rights and interests of individuals or organizations, which shall mainly cover the following matters:

  第八条 数据出境安全评估重点评估数据出境活动可能对国家安全、公共利益、个人或者组织合法权益带来的风险,主要包括以下事项:

  (1) The legality, legitimacy, and necessity of the purpose, scope, and method, among others, of the outbound data transfer. (一)数据出境的目的、范围、方式等的合法性、正当性、必要性;

  (2) The impact of the data security protection policies and regulations and cybersecurity environment of the country or region where the overseas recipient is located on the security of the data to be transferred abroad; and whether the data protection level of the overseas recipient satisfies the (二)境外接收方所在国家或者地区的数据安全保护政策法规和网络安全环境对出境数据安全的影响;境外接收方的数据保护水平是否达到中华人民共和国法

  5 requirements of laws and administrative regulations and the compulsory national standards of the People"s Republic of China. 律、行政法规的规定和强制性国家标准的要求;

  (3) The size, scope, type, and sensitivity of the data to be transferred abroad, and the risk that the data may be tampered with, destroyed, divulged, lost, transferred, illegally obtained, or illegally used, among others, during and after the outbound transfer. (三)出境数据的规模、范围、种类、敏感程度,出境中和出境后遭到篡改、破坏、泄露、丢失、转移或者被非法获取、非法利用等的风险;

  (4) Whether data security and personal information rights and interests are fully and effectively safeguarded. (四)数据安全和个人信息权益是否能够得到充分有效保障;

  (5) Whether data security protection responsibilities and obligations are fully agreed on in the legal documents to be concluded between the data processor and the overseas recipient. (五)数据处理者与境外接收方拟订立的法律文件中是否充分约定了数据安全保护责任义务;

  (6) The compliance with China"s laws, administrative regulations, and departmental rules. (六)遵守中国法律、行政法规、部门规章情况;

  (7) Other matters that shall be assessed as required by t...

推荐访问:出境 中英文对照 评估 【中英文对照版】数据出境安全评估办法 数据出境安全评估指南

热门文章

迎泽区迎泽街道南内环街二社区党总支学“两会”悟“精神”抓“落实”

6月11日,全国人大代表、三桥派出所副所长兼金刚里社区民警杨蓉走进迎泽街道,向基层干部群众宣讲全国“

长子县:规范干部选任营造良好政治生态

长子县在干部选任中始终坚持习近平总书记提出的“信念坚定、为民服务、勤政务实、敢于担当、清正廉洁”新时

省委加大年轻干部培养选拔力度,第一批“墩苗”干部奔赴基层主战场

山西日报讯(记者陈俊琦)6月21日,省委选派的第一批300余名干部,顺利完成任前培训后,奔赴基层主战

整装待发,建功基层,我省首批县乡“墩苗”干部任前培训班结业

6月20日下午,经过三天紧张的学习培训,我省第一批县乡“墩苗”干部任前培训班圆满完成培训计划,在山西

农工党山西工商学院委员会、山西省妇幼保健院总支部委员会联合举行全国“两会”精神学习会议

6月5日下午,农工党山西工商学院委员会、山西省妇幼保健院总支部委员会联合举行全国“两会”精神学习会议

古县:从严档案审核,构建干部监督“第一防线”

古县坚持把档案审核作为干部选拔任用的“第一防线”,做到从严“档案鉴别、任前审核、结果运用”,准确把握

广灵县“三严三实”相结合把牢干部档案任前审核关

广灵县立足干部选拔任用工作实际,严格执行任前审核制度,探索开展干部任前档案审核“严实结合”工作方法,

忻府区交通运输局召开2020年度党务工作会议

6月17日,忻府区交通运输局在三楼会议室召开党务工作会议,局领导班子、局机关全体职工,局属各单位党政

关于入党申请,你所关心的都在这儿

(来源|共产党员)

【解读】五年干部教育培训怎样干

迎泽区桥东街道山西现代妇产医院党委开展“三会一课”制度党课学习会

近日,桥东街道山西现代妇产医院党委在党员活动室开展了《规范党建工作,严格执行“三会一课”制度》的党课

省科技厅机关第五党支部与太原锅炉集团所属党支部开展联学主题党日活动

6月6日上午,省科技厅机关第五党支部(重大专项处)、省科技交流中心党支部,太原锅炉集团容器党支部、工