You may not expect that legislation passed in the People’s Republic of China could potentially impact Australian organisations that have little connection to mainland China. But the PIPL, with its significantly wide jurisdictional reach, does exactly that.
On 1 November 2021, China’s Personal Information Protection Law (PIPL) commenced in the People’s Republic of China, and established a framework for collection, storage, and disclosure of personal information.
Whilst there are many similarities between the PIPL and the GDPR, the schemes are not identical.
Penalties for non-compliance may be severe and many organisations may need to review or amend their existing privacy and data handling policies, controls and processes. You may also need to reconsider how and where your organisation handles personal information to ensure compliance.
The items in this PIPL Applicability Assessment Questionnaire can provide a baseline for organisations to check whether a detailed analysis of the PIPL should be undertaken.
Enter your details for instant access to this free questionnaire.