On October 28, Lao Niu Philanthropy Class(the 24th session) held an online. This activity is coordinated with Inner Mongolia Civil Affairs Department (Charity Promotion and Social Work Department) and Inner Mongolia Huayi Public Affairs Service Center, 644 people from Inner Mongolia's social organizations, some colleges, community service organizations, enterprises and public institutions, as well as public welfare partners from Beijing, Shanghai, Guangzhou, Sichuan and other places participated in the learning exchange.
Lin Wenyi, Director/director of Shanghai Fuen Social Organization Legal Research and Service Center, founding partner of Shanghai Fuguan Law Firm and course tutor of China Global Philanthropy Institute, shared a course themed "Social Organization and Data Security in the Information Age". This paper analyzes the relationship between data security and personal information protection and social organizations, compliance requirements for personal information protection, compliance requirements for data security and countermeasures for social organizations, and shared action strategies for compliance operation, data security system improvement and risk control system construction of social organizations through cases.
What does data security and personal information protection have to do with social organizations?
The public sector's awareness of data security is still in the process of being established. Through the introduction of data, personal information and other basic concepts, the data security and personal information protection scenarios involved in social organizations, data processing and analysis in philanthropy projects, establishing the connection point between data security and personal information protection laws and the business of social organizations.
What are the compliance requirements for personal information protection?
Through the analysis of common personal information processing behaviors in philanthropy projects, combined with cross-border transmission, project execution, personnel management, network operation and other use scenarios and cases involving personal information, the misunderstanding of the public, the principle of the necessity of personal information protection compliance and the legality of use are analyzed.
What are the compliance requirements for data security?
Social organizations and their philanthropy projects involve the collection, processing and sharing of data. Security assessment, risk prevention and legal compliance should be carried out in terms of data source, content, use scope, purpose, method and time limit.
How should social organizations respond?
Based on the case, five suggestions are given for social organizations to deal with data security and personal information protection: (1) Sorting out the data types and the dynamic lines of data processing in the organization's business and projects, and what special scenarios are involved; (2) The position and role of the analysis institution in various data processing activities; (3) Confirm whether relevant documents and contracts have been signed and used, as well as the corresponding statutory and agreed compliance obligations; (4) Establish the internal data management system and improve the internal related document templates; (5) Provide relevant training to ensure that personnel have sufficient knowledge to handle relevant scenarios.