Information and Communications Technology and Policy

Information and Communications Technology and Policy

Information and Communications Technology and Policy ›› 2023, Vol. 49 ›› Issue (2): 20-29.doi: 10.12267/j.issn.2096-5931.2023.02.004

Previous Articles     Next Articles

Government data security compliance analysis and innovation practice

HU Guohua1, WANG Zhendong1, LIU Shaoyu2, LI Qiang3   

  1. 1. TrustNow(Beijing)Technology Co.,Ltd., Beijing 100027, China
    2. Institute of Law, Chinese Academy of Social Sciences, Beijing 100029, China
    3. Hangzhou Beishan Digital Technology Co., Ltd., Hangzhou 310059, China
  • Received:2022-12-20 Online:2023-02-25 Published:2023-03-20

Abstract:

In recent years, with data security laws and regulations continue to be issued, how to ensure the legal compliance of government affairs and other important data security has become the focus of attention of government departments at all levels. This paper focuses on the analysis of the domestic government affairs data security should follow the relevant legal requirements, mainly for the government affairs data related to the “Data security Law”“Personal Information Protection Law”“Critical information infrastructure security protection regulations” compliance requirements for targeted analysis. At the same time, this paper focuses on the difference between data security assessment and data security compliance assessment, and puts forward a set of government data security compliance capability maturity model, which gives three data security compliance maturity levels, and analyzes the key points of compliance assessment of each level. At the end of this paper, an innovative practice idea of government data security compliance is proposed, which can be used as a reference for data security compliance practice of government data processors at all levels.

Key words: data security, data security compliance, government data

CLC Number: