
Second Schedule
Second Schedule: Databases subject to high level of security...
Second Schedule: Databases subject to high level of security...
First Schedule: Databases subject to medium level of security...
Chapter 25: These Regulations shall apply in addition to provisions concerning data security in other enactments unless there is a conflict between them...
Chapter 24: Regulations 2, 3, 9, 10, 12, 13, 14 and 15 of the Protection of Privacy Regulations (Conditions for Data Storage and Protection and Data Transfer Between Public Bodies) 5746-1986 – are null and void....
Chapter 23: Notwithstanding the provisions of Regulation 7(a), with respect to those who are authorized users on the day these Regulations take effect...
Chapter 22: These Regulations will take effect one year after their publication...
Chapter 21: With respect to databases subject to high level of security - Regulation 1 to 20 shall apply...
Chapter 19: The obligations that apply in these Regulations to a database controller will also apply to a database manager, and with the exception of the obligations prescribed in Regulations 2 and 15(a)...
Chapter 18: In a database subject to medium or high security level, the database controller will prescribe in a document...
Chapter 17: A database controller will retain the data collected when implementing the provisions of Regulation 6(b), 8 to 11, 14, 15(a)(4) and 16, to the extent these Regulations apply to him, in a secure manner for 24 months...
Chapter 16: In a database subject to medium or high security level, the database controller is responsible to conduct, at least once in 24 months...
Chapter 15: A database controller will not connect the database systems to the Internet or to another public network without installing the appropriate safeguards against unauthorized penetration...
Chapter 14: A database controller will not connect the database systems to the Internet or to another public network without installing the appropriate safeguards against unauthorized penetration...
Chapter 13: A database controller will ensure that the database systems are managed and operated properly, as commonly acceptable in the operation of such systems...
Chapter 12: A database controller will restrict or deny the option to connect portable devices to the database systems in a manner which is compatible with the information security level applicable to the database...
Chapter 11: A database controller is responsible to document every case in which an event was discovered, raising concern regarding a breach of the data integrity...
Chapter 10: In the systems of a database subject to medium or high security level, an automatic recording mechanism shall enable monitoring the access to the database systems...
Chapter 9: A database controller will take appropriate measures under the circumstances, and according to the nature and kind of the database...
Chapter 8: A database controller will determine access permissions of authorized users to the database and database systems in accordance with the role's responsibilities...
Chapter 7: A database controller will not grant access to information stored in the database and will not change the scope of authorization granted...
Chapter 6: A database controller will ensure that the systems listed in Regulation 5(a)(1) are maintained in a secure place, preventing unauthorized penetration and entry...
Chapter 5: A database controller will maintain an up-to-date document of the database structure, as well as an up-to-date inventory of the database systems, including...
Chapter 4: A database controller will prescribe a written data security procedure (“the Procedure”) according to the database definitions document and these Regulations...
Chapter 3: Where there is a duty to appoint a data security officer, or where a data security officer of the database has been appointed, the following provisions shall apply...
Chapter 2: A database controller will specify in the database definitions document (the “database definitions document”) at least the following matters...
Chapter 1: Severe security incident - any of the following...