Path: Home > GB/T > Page206 > GB/T 45396-2025

Price & Delivery

US$599.00 · In stock · Download in 9 seconds
GB/T 45396-2025: Data security technology - Security requirements for government data processing
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Valid

Std ID	Version	USD	Buy	Deliver [PDF] in	Title (Description)
GB/T 45396-2025	English	599	Add to Cart	5 days [Need to translate]	Data security technology - Security requirements for government data processing

GB/T 45396-2025: Data security technology - Security requirements for government data processing

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS 35.030 CCSL80 National Standard of the People's Republic of China Data security technology Government data processing security requirements Released on 2025-03-28 2025-10-01 Implementation State Administration for Market Regulation The National Standardization Administration issued

Table of contents

Preface III 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Government Data Processing Security Framework 1 5 Safety system requirements 2 5.1 Organizational guarantee 2 5.2 Institutional System 4 5.3 Entrusted Management 4 5.4 Personal Information Protection 5 6 Safety technical protection requirements 5 6.1 Data Collection 5 6.2 Data Storage 6 6.3 Data Usage 6 6.4 Data Processing 6 6.5 Data Transmission 6 6.6 Data provision 7 6.7 Data Disclosure 7 6.8 Data Destruction 7 7 Safety operation management requirements 8 7.1 Basic Environment 8 7.2 Data Processing 8 7.3 Compliance Assessment 8 7.4 Risk Assessment 8 7.5 Risk Monitoring 8 7.6 Situational Awareness 9 7.7 Early warning notification 9 7.8 Emergency Response 9 7.9 Incident Reporting 9 7.10 Origin Analysis 9 7.11 Security Audit 9 7.12 Social Supervision 9 Appendix A (Informative) Government Data Security Compliance Assessment Methods and Evaluation Indicators 10 A.1 Government Data Security Compliance Assessment Methods10 A.2 Government Data Security Compliance Evaluation Indicators12 Reference 23

Foreword

This document is in accordance with the provisions of GB/T 1.1-2020 "Guidelines for standardization work Part 1.Structure and drafting rules for standardization documents" Drafting. Please note that some of the contents of this document may involve patents. The issuing organization of this document does not assume the responsibility for identifying patents. This document was proposed and coordinated by the National Cybersecurity Standardization Technical Committee (SAC/TC260). This document was drafted by. National Information Center, Jiangxi Big Data Center, Sangfor Technologies Co., Ltd., Guizhou Information Center, Institute of Information Engineering, Chinese Academy of Sciences, Guangdong Provincial Government Services and Data Management Bureau, Zhejiang Provincial Data Bureau, Zhejiang Provincial Big Data Development Center, Anhui Big Data Center, Wuxi Data Bureau, Beijing Big Data Center, Zhejiang Development Information Security Evaluation Technology Co., Ltd., China Telecom Electronic Technology Standardization Institute, Qi'anxin Wangshen Information Technology (Beijing) Co., Ltd. The main drafters of this document are. Xu Chunxue, Ren Fei, Luo Haining, Cheng Zidong, Luan Guochun, Song Botao, Tian Zhipan, Wang Pengbiao, Yu Xiaolei, Ma Zaiying, He Liming, Luo Huayang, Yu Jing, Luo Qiwei, Zhu Dian, Wang Hu, Zhao Chengyao, Zhao Zhangjie, Jiang Zihai, Wang Jun, Xu Xia, Li Ting, Xu Yujia, Bai Yuqiang. Data security technology Government data processing security requirements

1 Scope

This document proposes a security framework for government data processing, specifies security system requirements, security technology protection requirements and security operation management requirements. Management requirements. This document is applicable to regulating the government data processing activities of government departments and technical support institutions, as well as competent (supervisory) departments, third-party institutions, supervision and evaluation by the relevant agencies.

2 Normative references

The contents of the following documents constitute essential clauses of this document through normative references in this document. For referenced documents without a date, only the version corresponding to that date applies to this document; for referenced documents without a date, the latest version (including all amendments) applies to This document. GB/T 22239 Information security technology Network security level protection basic requirements GB/T 35273 Information security technology Personal information security specification GB/T 39477 Information security technology - Technical requirements for government information sharing data security GB/T 39786 Information security technology Basic requirements for the application of cryptography in information systems

3 Terms and definitions

The following terms and definitions apply to this document. 3.1 Government data government data Data generated, collected and managed by government departments at all levels in the process of performing their duties in accordance with the law. 3.2 Organizations and individuals who independently decide on the purpose and method of processing government data in government data processing activities. [Source. GB/T 43697-2024, 3.11, modified] 4.Security Framework for Government Data Processing Based on the network security level protection of government data infrastructure, a government data processing security framework is proposed for government data processors. The framework consists of three parts. security system specifications for government data processing, security technology protection, and security operation management, as shown in Figure 1. ...