Chinese cybersecurity officials announced new measures Saturday designed to strengthen data classification requirements for financial information services, saying the move will enhance security management and provide better industry oversight.
The Cyberspace Administration of China outlined a four-tier system that will categorize data as core, important, sensitive general, or routine general, with classifications determined by how critical the information is, its sensitivity level, and what damage could result if the data were compromised.
Six additional government departments collaborated on the announcement, including the People’s Bank of China.
The nation has been building up its data protection laws in recent years, progressing from broad legislative measures to more targeted regulations for specific industries.
According to the new guidelines, “Financial information services are developing in an orderly manner, and the volume of data is expanding … which urgently requires standardised, classified and graded management.”
The regulations will not cover information related to state secrets or military matters.
