Last week, HR Policy Global Members in Asia gathered for an information and networking webinar on the implementation of the China Personal Information Protection Law (PIPL) with a focus on the impact on employers and the management of employee data.
Often described as “China’s GDPR” in reference to the EU’s data privacy regulation, the PIPL contrasts with the GDPR in several notable ways, including by requiring “immediate” reporting of data breaches to the appropriate authorities (with no requirement to report to affected individuals) and, potentially, significantly larger fines.
Presented by Jonathan Isaacs and Zhenyu Ruan from Baker McKenzie, the session detailed the importance of having thorough privacy policies within employee handbooks—and ensuring those handbooks have been ratified through appropriate consultation mechanisms.
Additionally, employers should assess whether third parties are data processors, which may trigger additional employee consent requirements. The presenters also discussed the movement of employee data across borders and the options for meeting consent requirements.
If you missed this informative session, a recording is available for HR Policy Global members here.