The Office of the Privacy Commissioner for Personal Data in Hong Kong released guidance on requirements for cross-border data transfers under China's Personal Information Protection Law. The guidance discusses processors' obligations to collect consent and perform data protection impact assessments. Additionally, processors will either use an authorized transfer mechanism or have government clearance before executing a transfer, meeting Article 38 of the PIPL. Editor's note: The IAPP's Jennifer Bryant discussed PIPL compliance with a range of privacy professionals.
If you want to comment on this post, you need to login.