What are the penalties for noncompliance with any applicable data protection laws?
Noncompliance with Data Privacy Laws and Data breaches may lead to sanctions, fines, and penalties. The amounts are usually calculated according to the risk to which personal rights were exposed and the preventive measures taken by the data controllers, processors and sub-processors in relation to their respective role in the chain of personal data processing.
Noncompliance with Chinese data protection laws can result in the following consequences (subject to the type of personal information concerned and the nature and severity of non-compliance):
- Administrative penalties, including warnings, confiscation of illegal business earnings, and/or a fine.
- Tort liability.
- Criminal liability.
HR Best Practices: Before processing personal data make sure to be in line the security measures necessary to ensure data security within your organization. Furthermore, ensure all data processors have data breach response plans in place.