As a result of the ever increasing digitalization of all business sectors, data protection is now more important than ever before. New laws and draft laws strive to provide the much needed protection of personal and important data. However, better data protection also implies higher and stricter standards when handling data - not only for companies within but also for companies outside of China. Therefore, understanding the legal requirements and their practical implication for your company when handling data is crucial for a sound mid- and long-term business development.

The Cyber Security Law and related guidance incurred lot of question marks in the business world. When, how, where, what to do? To find a way being compliant with the law and keep the competition position at the same time is an important aspect. The action today and the discussion about the future strategy in IT infrastructure, ERP operating, HR system and processes, and even in the product design etc. was given new restrictions and possibilities.

IT has turned to understand data not just as the filling of little cells in a data base, but as an information with content, meaning and value. Users became sensitive on that; legislators start to regulate. Companies have to react on new guidelines, customer’s and public opinion while keeping their interest of company owned process knowledge and security. Which data are affected and what has to be done? Is the IT technology ready for this changed view on data deployment?

The 2020 will be the decade of local regulation of internet-based services. The practical implications for int. companies active in the Chinese market are (1) the separation of data bases from HQ and (2) the need for more freedom to make decisions and design solutions locally.