Are There Exemptions from the Data Security Regulations?

According to guidelines published by the Privacy Protection Authority, banking corporations which are subject to the authority of the Supervisor of Banks and insurers and other financial service providers which are subject to the authority of the Capital Market, Insurance and Savings Commissioner, are exempt from most (but not all) obligations under the Protection of Privacy Regulations (Data Security) 5777-2017. These entities are presumed to be compliant with the regulations by virtue of their compliance with their specific regulator’s directives. The same applies to entities which are ISO 27001 certified.