Israeli Privacy Shield
Trusted73/100Author: @skills-il
Israeli Privacy Protection Law compliance guidance including database registration, consent requirements, data security, cross-border transfers, and breach notification. Use when user asks about Israeli privacy law, "haganat pratiut", data protection in Israel, GDPR compliance for Israeli companies, privacy policy requirements, or database registration. Covers the Privacy Protection Law 1981 and 2017 Security Regulations. Do NOT use for EU GDPR-only questions without Israeli context.
npx skills-il add skills-il/security-compliance --skill israeli-privacy-shieldIsraeli Privacy Shield
Critical Note
This skill provides compliance GUIDANCE. It does not replace legal counsel. Recommend consulting a privacy attorney (orech din specializing in prati'ut) for specific compliance decisions.
Instructions
Step 1: Assess Security Level
The 2017 regulations define three security levels:
| Level | Criteria | Key Requirements |
|---|---|---|
| Basic | < 10,000 records, non-sensitive | Access controls, logging, backup |
| Medium | 10,000+ records OR sensitive data | + Encryption, security officer appointment |
| High | Government, health, financial, 100K+ records | + Annual audit, incident response plan, DPO |
Sensitive data includes: Health, genetics, sexual orientation, political views, criminal record.
Step 2: Database Registration Check
Must register with Privacy Protection Authority if:
- Database has 10,000+ records AND used for direct marketing, OR
- Database has 10,000+ records AND contains sensitive information, OR
- Database owned by public body, OR
- Database used for credit/financial information services
Registration URL: https://www.gov.il/he/departments/privacy_authority
Step 3: Consent Requirements
Israeli law requires consent for:
- Collection of personal data
- Use beyond the original purpose
- Transfer to third parties
- Cross-border transfer
Consent must be: Informed, specific, freely given Exceptions: Legal obligation, vital interests, public interest, legitimate interest (limited)
Step 4: Cross-Border Transfer Rules
Personal data transfer outside Israel requires:
- Recipient country has adequate protection (EU, UK, few others), OR
- Contractual safeguards (similar to GDPR SCCs), OR
- Data subject consent (informed and specific), OR
- Listed exemptions (necessary for contract, legal proceedings, etc.)
Note: Israel has EU adequacy decision — transfer TO EU is generally straightforward.
Step 5: Breach Notification
Under 2017 regulations:
- Severe security incident: Report to Privacy Protection Authority "without delay"
- No specific hour deadline (unlike GDPR's 72 hours), but "without delay" interpreted as quickly
- Notify affected individuals if breach may cause them significant harm
- Document: All incidents, response actions, and decisions
Step 6: Compliance Checklist
For each assessed entity, verify:
- Database registration (if required)
- Privacy policy published (Hebrew, accessible)
- Consent mechanisms in place
- Security measures per level (basic/medium/high)
- Data processing agreements with processors
- Cross-border transfer safeguards
- Breach response plan
- Data subject request handling process
- Employee training
- Security officer/DPO appointed (if required)
GDPR vs Israeli Law Key Differences
| Aspect | Israeli Law | GDPR |
|---|---|---|
| Legal basis | Consent primary, limited exceptions | 6 legal bases |
| DPO requirement | Only for high-level databases | Broader requirement |
| Breach notification | "Without delay", no specific hours | 72 hours |
| Penalties | Criminal + civil, relatively low fines | Up to 4% global revenue |
| Right to erasure | Limited | Comprehensive (right to be forgotten) |
| Database registration | Required for qualifying databases | Not required (replaced by ROPA) |
| Extra-territorial scope | Limited | Broad |
Examples
Example 1: SaaS Startup Compliance
User says: "I'm building a SaaS with Israeli customers, what privacy requirements apply?" Result: Assessment of security level, database registration need, privacy policy requirements, recommended consent mechanisms.
Example 2: Data Breach Response
User says: "We discovered a data breach affecting Israeli users" Result: Step-by-step breach response: contain, assess, notify authority, notify users if significant harm, document.
Example 3: Cross-Border Data Transfer
User says: "We need to transfer Israeli customer data to our US servers" Actions:
- Assess data types for sensitivity level
- Check if destination country has adequate protection
- Determine transfer mechanism (adequacy, consent, contractual clauses)
- Document compliance steps Result: Transfer compliance checklist with specific steps for US data transfer under Israeli Privacy Protection Law.
Bundled Resources
Scripts
scripts/compliance_checker.py— Runs a full Privacy Protection Law compliance assessment: determines security level (basic/medium/high), checks database registration requirements, and generates a compliance checklist with all applicable controls. Run:python scripts/compliance_checker.py --help
References
references/privacy-law-requirements.md— Detailed breakdown of the Privacy Protection Law 1981 and 2017 Security Regulations including database registration process, security level requirements, consent rules, cross-border transfer rules, breach notification procedures, and penalties. Consult when you need specific legal requirements, section numbers, or GDPR comparison details beyond what the instructions cover.
Troubleshooting
Error: "Unsure about security level"
Cause: Borderline case between basic/medium/high Solution: When in doubt, apply the higher level. The cost difference is small compared to non-compliance risk.
Metadata
GitHub:israeli-privacy-shield
installs:0
views:302
reviews:0 (0.0)
Created:June 1, 2025
Updated:March 5, 2026
Supported Agents
Claude CodeCursorGitHub CopilotWindsurfOpenCodeCodexAntigravity
Tags
privacydata-protectioncompliancegdprregulationisrael
Security Analysis
73/100
Trust Score
Code Quality58
Permissions40
Data Handling100
Publisher Reputation70
Maintenance100
Documentation100
Passed security checksv13/5/2026
Related Skills
Israeli Privacy Compliance
Author: skills-ilTrusted73/100
New
Israeli privacy law implementation code patterns for the Protection of Privacy Law (Chok Haganat HaPratiyut, 1981). Provides consent management code, DSAR workflow implementation, PPA database registration API integration, cross-border data transfer patterns, and GDPR dual-compliance bridging code. Use when user asks to implement privacy compliance in code, build consent forms, handle data subject requests, integrate with database registry, or write GDPR-compatible Israeli privacy code. Do NOT use for regulatory overview (use israeli-privacy-shield instead).
0.00388
Claude CodeCursorGitHub Copilot+4
Israeli Accessibility
Author: skills-ilTrusted73/100
NewTrending
Audit and implement web accessibility compliance per Israeli Standard IS 5568 and the Equal Rights for Persons with Disabilities Law
0.01127
Claude CodeCursorGitHub Copilot+4
Hebrew Legal Research
Author: skills-ilTrusted73/100
New
Assist with Israeli legal research including legislation lookup, case law concepts, Hebrew legal terminology, and legal document preparation guidance. Use when user asks about Israeli law, "chok", "mishpat", "bagatz", court procedures, employment law, contract law, real estate law, or needs help with Hebrew legal terms. Covers civil, commercial, employment, and administrative law. Do NOT use for providing formal legal advice — always recommend consulting a licensed Israeli attorney (orech din). Do NOT use for non-Israeli legal systems.
0.01328
Claude CodeCursorGitHub Copilot+4
Want to build your own skill? Try the Skill Creator · Submit a Skill
Reviews (0)
No reviews yet. Be the first to write one!