Compare with different regulatory event:
On 7 October 2016, the Personal Data Protection Act, including cybersecurity regulation, was implemented, 6 months after its publication in the official Gazette. In particular, the Act requires entities to implement preventive and detective security measures to ensure the protection of the personal data stored against unlawful access. Furthermore, the Act requires entities to notify the data subject and authorities in case of data breaches.
Original source