On Tuesday, Israel’s new privacy protection regulations came into force.
For daily updates, subscribe to our newsletter by clicking here.
The new regulations, approved last year, attempt to bring the country up-to-speed with the European Union’s General Data Protection Regulation (GDPR), to be enforced starting later this month.
The Israeli regulations outline the duties of all companies and non-profit organizations operating in Israel and running or processing a database which contains personal information.
For the first time in Israel, it will be mandatory to report significant security breaches to an Israeli government entity which can also demand that users and customers be informed of the breach and possible ensuing risks.
Some of the legal requirements for database holders in Israel now include submitting a document outlining the purpose and use of the database, separating the database files from other systems, taking cybersecurity measures to protect the database, limiting the use of mobile devices, implementing user authentication tools and appointing data protection and physical security personnel.
While less demanding than GDPR, penalties for infringement of the new local regulations include not only fines, but also a maximum prison sentence of up to five years. Affected parties can also file for damages in civil suits in Israel.