Search for:

Skip to content

Personal Information Protection Law of the People’s Republic of China (PIPL)
Chapter I – General Provisions
Chapter II – Personal Information Handling Rules
Chapter III – Rules on Provision of Personal Information Across the Border
Chapter IV Individuals’ Rights in Personal Information Handling Activities
Chapter V – Obligations of Personal Information Handlers
Chapter VI – Departments with Personal Information Protection Duties
Chapter VII – Legal Liability
Chapter VIII – Supplementary Provisions
XL Law & Consulting PIPL Website Privacy Statement

Article 56 – Contents of Impact Assessments

The assessment of impact on personal information protection shall include the following contents:

whether the purposes and means of personal information handling, are legitimate, justified and necessary;
the impact on individuals’ rights and interests, and security risks; and
whether the protection measures taken are legitimate, effective, and compatible with the degree of risks.

The report of the impact assessment on personal information protection and the handling record shall be retained for at least three years.

Related provisions:

Conditions requiring an impact assessment
Legal bases for handling personal information
Technical and organizational security measures

Relevant PIPL Compliance Documents
(Subscription Services Required)

PIPL impact assessment template
Cross-border transfer PIPL impact assessment template

For detailed information on XL Law Subscription content, click here or email subscriptions@xllawconsulting.com.

This PIPL text is adapted from the National People’s Congress’s translation of the official PIPL text as originally written in Chinese and contains minor editorial changes for clarity, including article titles added by XL Law & Consulting P.A.

Although XL Law & Consulting P.A. goes to great lengths to make sure the information on the website is accurate and up to date, we make no claim as to the accuracy of this information and are not responsible for any consequences that may result from the use of this website.

© 2022 XL Law & Consulting P.A. - Privacy Policy

Personal Information Protection Law of the People’s Republic of China (PIPL)
Chapter I – General Provisions
Chapter II – Personal Information Handling Rules
Chapter III – Rules on Provision of Personal Information Across the Border
Chapter IV Individuals’ Rights in Personal Information Handling Activities
Chapter V – Obligations of Personal Information Handlers
Chapter VI – Departments with Personal Information Protection Duties
Chapter VII – Legal Liability
Chapter VIII – Supplementary Provisions
XL Law & Consulting PIPL Website Privacy Statement