Path:
Home >
GB/T >
Page207 > GB/T 42013-2022
Price & Delivery
US$469.00 · In stock · Download in 9 secondsGB/T 42013-2022: Information security technology - Data security requirements for express logistics services
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See
step-by-step procedureStatus: Valid
| Std ID | Version | USD | Buy | Deliver [PDF] in | Title (Description) |
| GB/T 42013-2022 | English | 469 |
Add to Cart
|
4 days [Need to translate]
|
Information security technology - Data security requirements for express logistics services
|
Click to Preview a similar PDF
Basic data
| Standard ID | GB/T 42013-2022 (GB/T42013-2022) |
| Description (Translated English) | Information security technology - Data security requirements for express logistics services |
| Sector / Industry | National Standard (Recommended) |
| Classification of Chinese Standard | L80 |
| Classification of International Standard | 35.030 |
| Word Count Estimation | 22,261 |
| Date of Issue | 2022-10-12 |
| Date of Implementation | 2023-05-01 |
| Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration |
GB/T 42013-2022: Information security technology - Data security requirements for express logistics services
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology - Data security requirements for express logistics services
ICS 35.030
CCSL80
National Standards of People's Republic of China
Information Security Technology Express Logistics Service Data Security Requirements
logistics services
2023-05-01 implementation
State Administration for Market Regulation
Released by the National Standardization Management Committee
table of contents
Preface I
1 Scope 1
2 Normative references 1
3 Terms and Definitions 1
4 Abbreviations 3
5 Overview 3
5.1 Composition of Express Logistics Service Business 3
5.2 Data scope of express logistics service 4
6 Basic Requirements 4
7 Data Collection 4
7.1 Collection of personal information 4
7.2 Applying for system permissions 5
7.3 Informed Consent 5
8 Data storage and transmission 5
8.1 Data Storage 5
8.2 Data transmission 5
9 Data usage and processing 6
9.1 Data Display 6
9.2 Data Access 6
9.3 Data export 7
9.4 Personalized recommendation 7
9.5 Logging and Auditing 7
10 Data provision and disclosure 7
11 Data deletion 8
12 Data Export 8
13 Rights of Personal Information Subject 8
14 Data Security Protection in Typical Business Scenarios of Express Logistics Service 9
14.1 Courier service 9
14.2 Smart Express Box and Smart Mailbox 9
14.3 Receiving and dispatching mobile operation terminals 10
Appendix A (Informative) Data Processing Activities and Security Risks of Express Logistics Services 11
Appendix B (Informative) Reference Rules for Identification of Important Data in Express Logistics Services and Example of Data Classification 13
Appendix C (Informative) Scope of Personal Information Collection and Use Requirements for Common Extended Business Functions of Express Logistics Services 14
Appendix D (Informative) Application Scope and Requirements for System Permissions of Express Logistics Service App 15
Appendix E (informative) information query feedback rules 16
Reference 18
foreword
This document is in accordance with the provisions of GB/T 1.1-2020 "Guidelines for Standardization Work Part 1.Structure and Drafting Rules for Standardization Documents"
drafting.
Please note that some contents of this document may refer to patents. The issuing agency of this document assumes no responsibility for identifying patents.
This document is proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).
This document was drafted by. S.F. Express Co., Ltd., China Institute of Electronic Technology Standardization, Peking University, China Post Express Logistics Co., Ltd.
Co., Ltd., Beijing Jingdong Zhenshi Information Technology Co., Ltd., Zhejiang Cainiao Supply Chain Management Co., Ltd., Suning Tesco Group Co., Ltd.
Company, China Power Great Wall Internet System Application Co., Ltd., China Academy of Information and Communications Technology, Xi'an University of Posts and Telecommunications.
The main drafters of this document. Liu Yuxia, Shangguan Xiaoli, Zhou Chenwei, Xie Anming, Hu Ying, Lin Yabing, Li Lin, Yang Yubing, Wang Chao, Yan Shaomin,
Hong Xiaochong, Wang Tao, Min Jinghua, Yang Qing, Zhao Xinqiang, Zhang Jin, Wang Jiao, Wang Sen, Zhang Lin, Guo Qi, Wu Jianfeng, Huang Lin, Kang Qiong, Fu Wei, Liu Jia, Cao Jing,
Jing Wei, Zhang Yong.
Information Security Technology Express Logistics Service Data Security Requirements
1 Scope
This document specifies the data processing activities of express logistics services such as collection, storage, transmission, use, processing, provision, disclosure, deletion, and export.
security requirements.
This document is applicable to express logistics service providers to standardize data processing activities, and can also be used by regulatory authorities and third-party evaluation agencies to
Provide a reference for monitoring, managing, and evaluating stream service data processing activities.
2 Normative references
The contents of the following documents constitute the essential provisions of this document through normative references in the text. Among them, dated references
For documents, only the version corresponding to the date is applicable to this document; for undated reference documents, the latest version (including all amendments) is applicable to
this document.
GB/T 25069 Information Security Technical Terms
GB/T 35273-2020 Personal Information Security Specifications for Information Security Technology
GB/T 37988 Information Security Technology Data Security Capability Maturity Model
GB/T 39335 Information Security Technology Personal Information Security Impact Assessment Guidelines
GB/T 41391-2022 Information Security Technology Mobile Internet Application (App) Basic Requirements for Collection of Personal Information
GB/T 41479 Information Security Technology Network Data Processing Security Requirements
3 Terms and Definitions
GB/T 25069, GB/T 35273-2020 and the following terms and definitions apply to this document.
3.1
Express mail delivery service within the promised time frame.
Note 1.Express logistics services mentioned in this document do not include road cargo transportation services.
Note 2.It involves the complete activities from receiving the user's order to delivering the item to the user, usually including services such as placing an order, picking up items, packaging, transferring, and delivering items
links.
[Source. GB/T 27917.1-2011, 2.1, modified]
3.2
sender user senderandaddresser
Individuals or organizations using express logistics services (3.1).
Note. Including the sending user and the receiving user, referred to as "user" in this document.
3.3
The general term for express logistics service organizations (3.4), express logistics service acceptance organizations (3.6), and express storage organizations (3.7).
Note. This document is referred to as "provider".
...
