[SMM Hydrogen Energy Policy Express] The National Energy Administration clarified the classification rules for energy data, incorporating hydrogen energy as a primary category of energy types.

Published: Jul 8, 2026 14:29

The National Energy Administration (NEA) recently released the "Guidelines for Data Classification and Grading in the Energy Sector (2026 Edition)," which took effect on July 1, 2026. The guidelines apply to the classification and grading of non-confidential data in the energy sector within the territory of the People's Republic of China, aiming to standardize data processing activities in the energy sector and strengthen data security management.

According to the document, the classification dimensions for energy sector data include energy types, energy activities, and others. Specifically, by energy type, the first-level data classification includes coal, oil, natural gas, nuclear energy, hydropower, wind energy, solar energy, biomass energy, geothermal energy, ocean energy, electricity, hydrogen energy, etc. This means hydrogen energy has been formally incorporated into the first-level data classification system of the energy sector.

By energy activity, the second-level data classification includes planning, design, construction, production, storage and transportation, consumption, scientific research, etc. Data processors in the energy sector may further implement third-level and fourth-level classification management based on data content and characteristics.

In terms of data grading, the guidelines specify that energy sector data is classified into three levels—general data, important data, and core data—based on factors such as importance, accuracy, scale, and security risks. Derivative data generated through processing such as statistics, correlation, mining, and aggregation of important data or core data, if still recoverable or restorable to important or core data, shall in principle be managed at the original level.

The document also proposes that if data, after desensitization processing, cannot be recovered or restored to important or core data, the relevant data may be downgraded in accordance with the rules. Specifically, core data may be downgraded to important data or general data, and important data may be downgraded to general data.

The guidelines provide explicit provisions on the identification rules for important data and core data in the energy sector. Geographic location coordinates data with an accuracy better than or equal to 100 meters for certain important energy infrastructure, as well as materials containing such coordinates data, are classified as important data in the energy sector. Such infrastructure includes coal mines with an annual output of 10 million mt or more, thermal power stations, hydropower stations, and nuclear power stations of specific scales, and substations, switching stations, and converter stations above 750 kV.

Real-time command data for the production and operation of certain energy infrastructure are also included in the scope of important data, including those from hydropower stations of specific scales, substations and converter stations above 750 kV, and relevant data from the dispatch and control system of the Oil & Gas Control Center of PipeChina.

In terms of power consumption data, the raw power consumption data of super important power users, first-level and second-level important power users in the national defense and military category, as well as the raw power consumption data of 10 million or more power users, are recognized as important data in the energy sector. The raw power consumption data of super important power users for a continuous period of one year or more, and the raw power consumption data of 100 million or more power users, are classified as core data in the energy sector.

A relevant official of the NEA stated that the guidelines were issued to promote the implementation of the Data Security Law of the People's Republic of China in the energy sector, and together with the "Data Security Management Measures for the Energy Sector (Trial)," they form the basic management system for data security in the energy sector. The guidelines will guide data processors in classifying and grading the non-confidential data they hold in the energy sector, accurately identifying important data and core data, and strengthening management and security protection as required.

Regarding the follow-up work for energy sector data processors, the NEA proposed that they should identify and compile a catalogue of important data for their organization in the energy sector in accordance with the guidelines, and submit it as required to the provincial energy regulatory authorities at the location of the data carrier. If significant changes occur to the catalogue, it should be resubmitted within three months.

At the same time, relevant entities shall establish and improve data security management systems, define data lifecycle management requirements, adopt necessary technical measures, and implement institutional requirements such as graded protection of cybersecurity, security protection of critical information infrastructure, cryptographic protection, and confidentiality, to ensure that important data and core data in the energy sector are in a state of effective protection and lawful utilization.

The document also requires that processors of important data and core data conduct at least one risk assessment of their data processing activities each year, which may be carried out by themselves or commissioned to third-party institutions with risk assessment capabilities, and submit the assessment reports as required by provincial energy regulatory authorities. Where cross-border transfer of important data or cross-entity transfer of core data is involved, a risk assessment shall be applied for in accordance with relevant regulations.

The NEA stated that the identification rules for important data and core data in the energy sector are not fixed. Going forward, they will be continuously analyzed and assessed in light of developments in the national security situation and data security management needs, and will be revised and improved when appropriate.

Data Source Statement: Except for publicly available information, all other data are processed by SMM based on publicly available information, market communication, and relying on SMM's internal database model. They are for reference only and do not constitute decision-making recommendations.

For any inquiries or for more information, please contact: lemonzhao@smm.cn
For more information on how to access our research reports, please contact:service.en@smm.cn
Register to Continue Reading
Gain access to the latest insights in metals and new energy
Already have an account?Sign in here