01.10.2024 10:16:00
Дата публикации
The rules for the implementation of measures to protect personal data by the owner and operator, as well as a third party, have been amended.
The corresponding order was signed by the acting head of the MCRIAP. The document will come into force on January 8, 2025.
The amendments, among other things, provide for the following:
“The storage of personal data contained in electronic information resources is carried out by the owner and (or) operator, as well as a third party, in an electronic database located in a server room or data processing center located on the territory of the Republic of Kazakhstan, with the adoption of the necessary measures to protect personal data in accordance with these Rules.”
Recall that in December last year, the head of state Kassym-Jomart Tokayev signed a law regulating the procedure for promptly responding to data leaks. The document took into account the provisions proposed by EDF experts, one of which is the need for personal data operators to inform the regulator in the event of a leak within one working day.
(text translation is done automatically)
The corresponding order was signed by the acting head of the MCRIAP. The document will come into force on January 8, 2025.
The amendments, among other things, provide for the following:
“The storage of personal data contained in electronic information resources is carried out by the owner and (or) operator, as well as a third party, in an electronic database located in a server room or data processing center located on the territory of the Republic of Kazakhstan, with the adoption of the necessary measures to protect personal data in accordance with these Rules.”
Recall that in December last year, the head of state Kassym-Jomart Tokayev signed a law regulating the procedure for promptly responding to data leaks. The document took into account the provisions proposed by EDF experts, one of which is the need for personal data operators to inform the regulator in the event of a leak within one working day.
EDF experts Ruslan Daiyrbekov and Elzhan Kabyshev, who were part of the working group developing the new amendments, took into account the positive experience of the EU, where the General Data Protection Regulation (GDPR) is already in effect, requiring that any breaches of personal data security be documented, including their circumstances, consequences, and measures taken to correct the situation.
(text translation is done automatically)
