Israel: Published Privacy Protection Authority Directive No. 1/2024 outlining the responsibilities of the board of directors

On 12 September 2024, the Israel Privacy Protection Authority (PPA) published the Privacy Protection Authority Directive No. 1/2024 outlining the responsibilities of the board of directors in companies where personal data processing is core to their operations or poses a high privacy risk. The directive mandates that boards must oversee compliance with data security regulations, ensure the adoption of policies for data management, and immediately report data security incidents to the Privacy Protection Authority. Furthermore, the board is responsible for establishing internal controls and compliance systems, monitoring their effectiveness, and integrating these policies into company procedures.