China is set to implement a ten-minute response time requirement for handling data breaches.

China has released a draft Contingency Plan for data security incidents, introducing stringent deadlines for addressing significant breaches. The proposed plan includes a four-tier classification system aimed at enhancing China’s response to data security incidents, reflecting the government’s increasing concerns about large-scale data leaks and cyber threats within the country. This initiative comes against the backdrop of heightened geopolitical tensions with the United States and its allies. The move follows a notable incident last year when a hacker asserted having obtained a substantial amount of personal information on one billion Chinese individuals from the Shanghai police.

China’s Ministry of Industry and Information Technology (MIIT) has released a comprehensive draft plan outlining the procedures for assessing and responding to data security incidents by local governments and companies.

The plan, currently open for public feedback, introduces a four-tier, color-coded system based on the severity of the impact on national security, a company’s online and information network, or the overall economy.

According to the proposal, incidents causing losses exceeding 1 billion yuan ($141 million) and impacting the personal information of over 100 million people or the “sensitive” information of over 10 million people will be classified as “especially grave,” triggering a red warning.

In response to red and orange warnings, the plan mandates that involved companies and relevant local regulatory authorities establish a 24-hour work schedule to address the incident. MIIT must be notified of the data breach within ten minutes of its occurrence, among other specified measures.

MIIT emphasized that if an incident is deemed severe, immediate reporting to the local industry regulatory department is required, with no allowance for delayed reporting, false reporting, concealment, or omission of reporting.


6 responses to “China is set to implement a ten-minute response time requirement for handling data breaches.”

  1. Its like you read my mind You appear to know a lot about this like you wrote the book in it or something I think that you could do with some pics to drive the message home a little bit but instead of that this is fantastic blog An excellent read I will certainly be back

  2. Excellent blog here Also your website loads up very fast What web host are you using Can I get your affiliate link to your host I wish my web site loaded up as quickly as yours lol

  3. I loved as much as you will receive carried out right here. The sketch is attractive, your authored material stylish. nonetheless, you command get got an impatience over that you wish be delivering the following. unwell unquestionably come more formerly again since exactly the same nearly a lot often inside case you shield this hike.

Leave a Reply

Your email address will not be published. Required fields are marked *