Also in the news...
Foreign travel advice Indonesia
FCDO advises against all travel to parts of Indonesia.
Foreign travel advice Romania
Warnings and insurance Still current at: 24 April 2024 Updated: 23 April 2024 Latest update: Information related to drug offences and Romanian music festivals (under 'Laws and cultural differences' subheading on the 'Safety and security' page).
Foreign travel advice The Gambia
Warnings and insurance Still current at: 23 April 2024 Updated: 22 April 2024 Latest update: Ferry services between Banjul and Barra have been suspended until further notice; The Islamic Summit of the OIC (Organisation of Islamic Cooperation) will be held in Banjul on 4-5 May; road closures and delays at Banjul International Airport ('Safety and security' page).
Foreign travel advice China
Warnings and insurance Still current at: 23 April 2024 Updated: 22 April 2024 Latest update: Updated information on flooding (‘Safety and security’ page).
Guidance Living in South Korea
Information for British citizens moving to or living in South Korea, including guidance on residency, healthcare, driving and more.
China Enacts Personal Information Protection Law
China recently passed new personal data protection legislation called the Personal Information Protection Law (PIPL) that impacts companies managing employees and business in China.
The new law went into effect as of November 1, 2021 and is similar in scope to GDPR in the European Union. Failure to comply with these new requirements will result in significant fines and penalties from the Chinese government. So what do you need to know about PIPL?
The new legislation is focused on several key components of data security:
- Obtaining consent for processing personal information
- Governance within each organization
- Storage of data and cross-border transfer of data
- Data subject rights
- Personal information processor obligations
To ensure compliance with the new PIPL regulations, the first step is to understand and identify any personal information your company collects and determine if the information is needed in order to do business. Once you have identified personal information you collect, determine if there is any “sensitive” information that could cause harm or damage to the safety of the data subject. Sensitive information can include health or biometric data, financial and specific identifying information of a person, religious affiliations, etc.
If you are transferring data across borders, determine if your organization is a Critical Information Infrastructure Operator (CIIO), as you must have a safety evaluation completed by the Cyberspace Administration of China (CAC).
You must inform employees (or other data subjects) and get consent about their personal information processed by the company, including name and contact of personal information user, the purpose and way personal information is processed, the length of storage of personal data and what information is collected and processed, where data is being processed, and if there are any 3rd party processors.
There are many other detailed aspects and requirements related to PIPL in China. If you need help with your HR compliance or more guidance on the new PIPL regulations, we can help. Our team can help you ensure payroll and HR compliance for your employees in China. Click here to get started