In April 2020, the Ministry of Industry and Information Technology (MIIT) published the Guide for the Construction of the Network Data Security Standards System (Draft for Comments).
1. Two-stage goal for the construction of the network data security standards system.
2. The network data standards system.
The network data standards system proposed by MIIT includes four parts: Basic and Common Standards for Network Data Security, Standards for Key Technology of Network Data Security, Security Management Standards for Network Data, and the Network Data Security Standards for Key Industries.
2.1 Basic and Common Standards for Network Data Security
2.2 Standards for Key Technology of Network Data Security
2.3 Security Management Standards for Network Data
2.4 Network Data Security Standards for Key Industries
3. The Status Quo of Chinese Network Data Security Standards and Reasons for MIIT to Draft the Construction Guide.
Attachment 2 of the Construction Guide sorts out more than 100 network data security standards that have been issued and formulated in recent years. As stated in the compilation instructions of the Construction Guide, at present, China’s network data security standardization has problems such as lacking a network data security standards system and key standards in some key areas. For example, the standards for data destruction have not yet been formulated. But, among the security management standards for data security specifications, 13 of the 15 national standards are specifically for the management of personal data. This not only shows the determination of the Chinese regulatory authorities to manage the compliance of personal data, it also reflects the lack of comprehensiveness of the national network data security standards system. To further develop the network data security standards system, MIIT established a working group to draft the Construction Guide. Members of the working group include China Information and Communication Research Institute, China Communications Standards Association, some Chinese telecommunications companies, internet companies, and security companies, etc.
For more details in Chinese, please see the attached document and the link below:
MIIT: Guide for the Construction of the Network Data Security Standards System (Draft for Comments)
By Luna ZHAO on April 30,2020.