Digital Policy Alert logo

Russia: Implemented Federal Law No. 266-FZ amending 152-FZ on Personal Data (Bill No. 101234-8) including cybersecurity regulation

Policy overview

Description

Implemented Federal Law No. 266-FZ amending 152-FZ on Personal Data (Bill No. 101234-8) including cybersecurity regulation

On 1 September 2022, the Amendment to Law No. 152 (Bill No. 101234-8) outlining cybersecurity measures is implemented. The Bill introduces additional cybersecurity reporting requirements for entities collecting personal data. In particular, the Bill requires personal data operators to report all cyberattacks and unauthorized transmissions of data to authorities within 24 hours after the incident and inform them of the measures taken to prevent the potential harm to the data holder resulting from the breach.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
legislature
Government Body
parliament

Complete timeline of this policy change

Hide details
2022-04-06
under deliberation

On 6 April 2022, an Amendment to Law No. 152-FZ is introduced in Russia's State Duma. The Bill intr…

2022-07-06
under deliberation

On 6 July 2022, Russia's State Duma passed the Bill on Strengthening the Protection of Personal Dat…

2022-07-08
adopted

On 8 July 2022, the Federation Council of the Russian Federation adopted the Amendment to Law No. 1…

2022-09-01
in force

On 1 September 2022, the Amendment to Law No. 152 (Bill No. 101234-8) outlining cybersecurity measu…

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.