In today’s digital age, information is a valuable resource. Many businesses collect, process, and store personal information about customers, employees, and suppliers. However, the collection and use of personal information also poses significant risks to people’s privacy. Amendment 13 to the Privacy Protection Law strengthens the protection of personal information and requires businesses to meet stricter standards. To protect the privacy of Israeli citizens, the Privacy Protection Law, 5741-1981, was enacted.
Recently, the Israeli Knesset approved Amendment 13 to the Privacy Protection Law, designed to align the law with the evolving technological landscape and enhance privacy protection for Israeli citizens. This amendment introduces substantial changes affecting all businesses in Israel, making it crucial for every business to be aware of these changes and their new obligations.
Key Changes in Amendment 13
Expansion of the Privacy Protection Authority's Powers
The amendment grants the Privacy Protection Authority broader enforcement powers, including the authority to impose increased fines for violations of the Privacy Protection Law. Fines can reach millions of shekels depending on the severity of the violation and the resulting damage.
Strengthening Data Security Requirements
- Implementing advanced protection technologies: Businesses must implement advanced information security measures depending on the level of sensitivity of the data.
- Access management requirements: Businesses are required to ensure access to information only to authorized persons and to conduct periodic audits.
- Monitoring and reporting: Continuous monitoring of access to information must be carried out and serious incidents must be reported to the Privacy Protection Authority.
Increasing transparency regarding the collection and use of personal information
Businesses are obligated to inform customers how their information is used and provide an accessible and clear privacy policy.
Establishing a Data Protection Officer (DPO)
- Certain businesses must appoint a Data Protection Officer (DPO) responsible for ensuring compliance with the law within the organization.
- The DPO is required to oversee regulatory compliance and provide guidance on data security and privacy protection.
Expansion of the Right to Compensation
The amendment expands individuals' rights to claim compensation for privacy violations, even in cases where no direct financial damage has been caused.
What does every business in Israel need to know?
- The amendment applies to all businesses in Israel, regardless of their size or industry.
- Businesses must update their privacy and compliance policy their information to meet the new requirements.
- Implementing advanced data security measures and access controls is mandatory.
- Customers must be provided with clear information on how their data is used.
- Certain businesses are required to appoint a Data Protection Officer (DPO).
Testimonial
Gap mapping and professional advice: It is recommended to map gaps against the requirements of Amendment 13 to the Privacy Protection Law with the help of an expert consultant in the field. This mapping will help the organization identify risks, understand the gaps against the new regulation, and formulate an adapted action plan. This action will ensure compliance with the requirements of the law, prevent exposure to fines, and improve the organization's risk management.
Final Word
The modern world relies increasingly on device security and IoT and operational technology.Amendment 13 to the Privacy Protection Law is a significant change that affects every business in Israel. Businesses must be aware of these changes and take the necessary steps to adapt their activities to the new requirements of the law. Failure to comply with the provisions of the law may lead to high fines and damage to business reputation. Amendment 13 to the Privacy Protection Law is a significant change that affects every business in Israel. Businesses must be aware of these changes and take the necessary steps to adapt their activities to the new requirements of the law. Failure to comply with the provisions of the law may lead to high fines and damage to business reputation.
Cybersecurity and IT – Two Words, One Solution
