Data privacy and cybersecurity

In a highly regulated and complex environment, organisations need to be focused on the data they have; manage and protect it properly; recognise the value it presents as an asset; and be able to generate real benefit from it, safely and without breaching the trust of their customers, users and employees.

Tiang & Partners’ market leading cybersecurity and data protection legal experts provide business-critical support on cybersecurity, data protection, privacy, confidentiality and other security matters to businesses, governments and public authorities in the APAC region and across the world. Working closely with consulting, risk management and forensics professionals in all parts of the PwC global network, we provide a unique end-to-end and seamless service to our clients from strategy development, execution to compliance monitoring. 

How we could help

Cybersecurity and privacy strategy

  • Formulate a data privacy and cybersecurity strategy that suits global, regional and local business needs;
  • Work with the business to establish a risk management mechanism from the organisational and corporate governance perspective;
  • Advise on regulatory responsibilities and obligations under the Personal Information Protection Law (‘PIPL’), PRC Cybersecurity Law (‘CSL’), Data Security Law (‘DSL’), (and other relevant PRC regulations), General Data Protection Regulation (‘GDPR’) and/or Personal Data (Privacy) Ordinance (‘PDPO’).

Review and assess

  • Impact assessment on the application of PIPL, CSL, DSL, GDPR and/or PDPO to the business (e.g., under the CSL determine whether the entity is classed as a Critical Information Infrastructure Operator, ‘CIIO’);
  • Assist the business with data mapping;
  • Health check of cybersecurity and data protection compliance and identify any gaps;
  • Assess the application of the Multi-level Protection Scheme (‘MLPS’) and conduct MLPS assessment and MLPS compliance.

Document drafting and review

  • Draft and/or review policies, procedures, handbooks, codes of conduct, cross-border data flow agreements, and service agreement and support implementation;
  • Draft and/or review agreements with business partners (including network product and service providers);
  • Draft and/or review privacy statements and consent letters on collection, processing, storage and cross-border transfer of personal information.

Crisis support

  • Draft and/or review emergency response plans/business continuity plans;
  • Assist clients with managing interactions with regulators, consumers or other third parties;
  • Investigate and manage cybersecurity breaches and deal with regulatory audits or inspections.

Day-to-day support

  • Privacy mailbox, subject rights and complaints management;
  • Training on cybersecurity and data protection policies and procedures;
  • Regular updates on key regulatory and legal developments in the cybersecurity and data privacy space to help the business keep pace with the evolving landscape.

Awards and recognitions

Winner of “Data Privacy & Protection” category in China – Chiang Ling Li

Lexology Client Choice Awards 2024

In preparation of the China’s first Personal Information Protection Law (PIPL), we have prepared a bilingual flyer to discuss the new China data privacy compliance requirements.

Download Flyer on New China data privacy compliance requirements – English



Contact us

Chiang Ling Li

Chiang Ling Li

Partner, Tiang & Partners

Tel: +[852] 2833 4938

Martyn Huckerby

Martyn Huckerby

Registered Foreign Lawyer (New South Wales, Australia), Tiang & Partners

Tel: +[852] 2833 4918