Is there an Israeli AI Act?

No. As of May 2026, Israel does not have a horizontal AI law. The framework consists of voluntary principles from the Ministry of Innovation (December 2023), the Privacy Protection Law (with Amendment 13 in force since August 14, 2025), and sector-specific guidance from various regulators. A Ministry of Innovation AI Policy Coordination Center is being formalised and a new multi-year national AI strategy is anticipated after 2026.

When does the EU AI Act apply to an Israeli company?

When the company places an AI system on the EU market, puts it into service in the EU under its name, or when the output of the system is used in the EU. A purely Israeli deployment with Israeli-only users is outside scope. GPAI obligations have been in force since August 2, 2025. The Annex III high-risk obligations were postponed by the Digital Omnibus on AI agreement of May 7, 2026 from August 2, 2026 to December 2, 2027 (treat this date as provisional until the amending regulation is formally adopted); GPAI obligations were NOT postponed.

What is the difference between BoI Directive 361 and Directive 364?

Directive 361 (bank cybersecurity), along with Directives 357 and 363, was consolidated into Directive 364 Management of IT, Information Security, and Cyber Protection Risks, published 18/11/2024. Citing 361 today is outdated. Directive 364 is technology-neutral; it is not an AI-specific directive.

What does PPL Amendment 13 require?

Among other things: an expanded definition of personal information, a Data Protection Officer role for organizations processing sensitive data at scale or conducting systematic monitoring, increased enforcement powers for the Privacy Protection Authority (including administrative fines up to millions of NIS), and stronger data subject rights. Amendment 13 came into force on August 14, 2025 and the PPA grace period on DPO appointment expired October 31, 2025.

Can I train a model on content scraped from Hebrew social networks?

Not without a documented lawful basis. The PPA draft AI guidance of April 30, 2025 (still formally in draft as of May 2026, but PPA officials have said they will enforce it as if statutory, so treat it as the PPA's operative compliance standard) expressly prohibits unauthorized scraping of personal data for AI training. Use only sources with an explicit license or a proven lawful basis.

Should I sign the EU GPAI Code of Practice?

If you place a foundation model on the EU market, the voluntary Code of Practice (final version July 10, 2025, Commission-endorsed August 1, 2025) is the Commission's preferred route for demonstrating compliance with GPAI obligations. It is usually less work than building a bespoke compliance dossier. Israeli GPAI providers should consider signing it.

Israeli AI Compliance Kit

Trusted89/100

Before deciding whether to install, talk to the skill

Guide Israeli ML teams through the AI governance and compliance stack: Ministry of Innovation December 2023 AI policy principles, Privacy Protection Law (PPL) and Amendment 13 applied to ML training data, sector-specific rules (Bank of Israel Directive 364, Ministry of Health AMAR medical-device AI), and EU AI Act exposure for Israeli exporters. Generates model cards, data statements, and DPIA templates tailored to Israeli context. Use when preparing AI governance docs, answering an enterprise customer's AI risk review, classifying a system under the EU AI Act, or building an internal responsible-AI checklist. Prevents costly compliance gaps when shipping AI to regulated markets. Do NOT use for general PPL policy (use israeli-privacy-shield), web app security (use israeli-appsec-scanner), or SOC/threat triage (use israeli-cybersecurity-ops).

The Problem

Israeli ML teams shipping AI products face a fragmented compliance landscape: voluntary principles from the Ministry of Innovation, the Privacy Protection Law with Amendment 13 in force since August 14, 2025, sector regulators each drafting their own AI guidance, and the EU AI Act rolling out in staggered phases through 2027 that reach anyone selling into Europe. Most teams discover these requirements mid-procurement when an enterprise customer demands a model card, data statement, and DPIA. There is no unified checklist or template set tailored to the Israeli regulatory context.

skills-il Security & Compliance|4installs942views

0Write a Review

1.1.0MITGitHub

4installs942views

0Write a Review

Updated: June 10, 2026|Tags:ai-compliance ai-governance privacy-protection-law amendment-13 eu-ai-act model-card dpia ministry-of-innovation ml israel

npx skills-il add skills-il/security-compliance --skill israeli-ai-compliance-kit -a claude-code

Install on Claude.ai, Claude Desktop, ChatGPT, Manus, or other platforms

1. Click "Download ZIP" to download the skill files.
2. Open Claude Desktop and go to Customize > Skills.
3. Click "+" and select "Upload a skill", then upload the ZIP file.
4. Start a new conversation. The skill will activate automatically when relevant.

A new version released? How to update your installed skill

Not sure how? Read the guide

When to Apply

When an enterprise customer requests AI risk review documents (model card, data statement, DPIA)
When classifying a system under the EU AI Act before entering the EU market
When building a financial ML system that must align with BoI Directive 364
When preparing medical-device AI for Ministry of Health AMAR review
When building an internal AI governance checklist aligned to MoI ethical principles

Try These Prompts

Customer model card

An enterprise customer asked for a model card for our Hebrew summarization API. Draft one with Israeli-context fields (PPL registration, Amendment 13 DPO, MoI 2023 principles alignment, sector regulator applicability).

EU AI Act classification

I want to sell a credit-scoring model to a German bank. Walk me through the EU AI Act decision tree and tell me if it is high-risk and what my obligations are as an Israeli provider.

Amendment 13 DPIA

We are building a customer support chatbot that processes Hebrew conversations. Draft a DPIA aligned to PPL and Amendment 13 which takes effect August 2025.

BoI Directive 364

A banking customer asked us to comply with Directive 361. Explain that 361 was consolidated into Directive 364 and help me draft a clean reply with the right reference.

Frequently Asked Questions

Related Skills

Pikud HaOref Alerts

Community·66

Author: yaniv-golan

v0.6.0Popular

Comprehensive guide for working with Pikud HaOref (Israel Home Front Command) alert APIs - the official and community endpoints that publish real-time rocket alerts, earthquake warnings, and other civil defense notifications across Israel. Use this skill whenever someone wants to build an integration with Pikud HaOref alerts, fetch live or historical alert data, set up monitoring or dashboards for Israeli emergency alerts, write code that consumes oref.org.il endpoints, deploy an alert service, or understand the available API landscape. Also trigger when someone mentions "red alert API", "tzeva adom", "oref alerts", "rocket alert Israel", "Home Front Command API", or any Hebrew references like "פיקוד העורף" or "צבע אדום". Even if the user just says "I want to get alerts from Israel" or "build something with Israeli civil defense data", this skill is the right starting point. Do NOT use for US weather alerts (NWS/FEMA), UK emergency alerts, generic webhook/push notification frameworks, or non-Israeli civil defense systems.

Ask the Skill

0.0331,235

Claude CodeCursorGitHub Copilot+6

Israeli Privacy Shield

Trusted·89

Author: skills-il

v1.3.0Popular

Israeli Privacy Protection Law compliance guidance including Amendment 13 (effective August 14, 2025), database registration, consent requirements, data security, cross-border transfers, breach notification, privacy protection officer appointment, and AI governance. Use when user asks about Israeli privacy law, "haganat pratiut", "tikun 13", data protection in Israel, GDPR compliance for Israeli companies, privacy policy requirements, or database registration. Covers the Privacy Protection Law 1981, Amendment 13, and 2017 Security Regulations. Do NOT use for EU GDPR-only questions without Israeli context.

Ask the Skill

0.01891,491

Claude CodeCursorGitHub Copilot+5

Israeli Cybersecurity Ops

Verified·90

Author: skills-il

v1.0.2Popular

Coordinate Israeli-built cybersecurity tools for security operations including threat triage, vulnerability management, compliance checking, and incident response. Use when user mentions security operations, "SOC", vulnerability scanning, threat triage, compliance assessment, or asks to coordinate Wiz, Snyk, Check Point, CyberArk, SentinelOne, Armis, Torq, or Pentera tools. Embeds Israeli security best practices including INCD guidelines and Israeli Privacy Protection Law compliance. Do NOT use for offensive security testing or creating exploits.

Ask the Skill

0.0461,516

Claude CodeCursorGitHub Copilot+5

Found an issue with this skill?

Use at your own risk. Terms of Use · Security

Want to build your own skill? Try the Skill Creator · Submit a Skill

Reviews (0)

No reviews yet. Be the first to write one!

Israeli AI Compliance Kit

When to Apply

Try These Prompts

Developer & AI Agent Instructions

Security Analysis

Quality Score

Performance Data

Frequently Asked Questions

Is there an Israeli AI Act?

Is there an Israeli AI Act?

When does the EU AI Act apply to an Israeli company?

When does the EU AI Act apply to an Israeli company?

What is the difference between BoI Directive 361 and Directive 364?

What is the difference between BoI Directive 361 and Directive 364?

What does PPL Amendment 13 require?

What does PPL Amendment 13 require?

Can I train a model on content scraped from Hebrew social networks?

Can I train a model on content scraped from Hebrew social networks?

Should I sign the EU GPAI Code of Practice?

Should I sign the EU GPAI Code of Practice?

Related Skills

Pikud HaOref Alerts

Israeli Privacy Shield

Israeli Cybersecurity Ops

Reviews (0)