摘要
高等教育机构的数据运行过程中存在着泄漏、滥用等风险,虽然当前初具规模的数据类法律规范可在一定程度上应对,但仍具有不成体系之诟病。为此,在高校数据安全管理中引入数据合规机制具有积极意义,既能形成体系化的数据保护模式,又能由“被动式”数据管理迈向“主动式”的数据合规,在提升内部管理效能的同时,保障数据运行的法治化。具体可通过数据合规机制纾解高等教育机构的数据风险:一是基于风险评估确定高校合规制度的体系性之基本内容;二是在数据运行全生命周期中,以分段评估保障高校数据合规制度运行的有效性。最终型塑高等教育机构数据治理的体系性合规方案,确保其数据风险的有效化解。
There are risks such as leakage and abuse in the data operation process of higher education institutions. Although the current data laws and regulations that have begun to take shape can be dealt with to a certain extent, they are still criticized for being fragmented. For this reason, the introduction of a data compliance mechanism in university data security management has a positive value, which can not only form a systematic data protection model but also move from“passive”data management to“active”data compliance and improve internal management. At the same time, it ensures the legalization of data operation. Specifically, the data risk of higher education institutions can be alleviated through the data compliance mechanism: one is to determine the basic content of the system of university compliance systems based on risk assessment;The effectiveness of the operation of the data compliance system. It will ultimately shape a systematic compliance program for data governance in higher education institutions to ensure the effective resolution of data risks.
作者
李瑞华
LI Ruihua(Southeast University,Nanjing 211189)
出处
《中国高教研究》
CSSCI
北大核心
2022年第10期82-88,共7页
China Higher Education Research
基金
2021年国家社科重大项目“数字经济的刑事安全风险防范体系建构研究”(21&ZD209)
2022年江苏高校哲学社会科学研究重大项目“要素市场化配置视域下数据交易安全的刑法规制研究”(2022SJZD001)的研究成果。
关键词
高校数据安全
数据保护合规
风险评估
体系性
university data security
data protection compliance
risk assessment
systematic
