Introduction
In August 2025, Amendment 13 to the Israeli Privacy Protection Law came into effect, reshaping the legal landscape of data protection in Israel. This update is one of the most significant regulatory changes in years, bringing local law closer to international standards such as the EU’s General Data Protection Regulation (GDPR).
The amendment introduces new responsibilities for organizations that collect, store, or process personal data. For business owners and IT managers, the changes mean more than legal paperwork—they require real technical adjustments. At Psagot IT Solutions, we help companies translate these complex requirements into practical, secure, and compliant systems.
What Is Amendment 13?
Amendment 13 updates the original Protection of Privacy Law (1981) with a modern framework that better reflects the realities of today’s digital economy. Its main objectives are:
- Strengthening accountability of organizations that handle personal data.
- Expanding the enforcement powers of the Privacy Protection Authority.
- Imposing clearer obligations on businesses regarding data security and reporting.
- Increasing transparency to ensure individuals know how their information is used.
The amendment also redefines certain terms, expands the scope of the law to cover modern digital practices, and raises the standards of security expected from organizations.
Key Changes Introduced by Amendment 13
Stronger Enforcement
The Privacy Protection Authority now has greater authority to monitor organizations, conduct inspections, and impose penalties. Businesses found in violation can face public exposure, financial sanctions, and even suspension of database registrations.
Data Breach Notification
Organizations are required to notify the Privacy Protection Authority in the event of a data breach. Depending on the severity, affected individuals may also need to be informed directly.
Risk-Based Data Classification
Companies must classify the types of personal data they manage according to sensitivity levels. Highly sensitive information—such as health records or financial data—requires enhanced security controls.
Written Privacy Policies
Every organization is required to maintain a written data protection policy. This document must clearly outline how data is collected, stored, accessed, and protected.
Expanded Liability
Business owners and managers now carry greater personal responsibility for compliance. Failure to implement proper protections may result in legal consequences.
Why Amendment 13 Matters for Businesses
The impact of Amendment 13 reaches every organization that collects or stores personal data. This includes large corporations, small businesses, startups, and even solo professionals.
For example:
- A doctor who stores patient files electronically.
- An accounting firm managing sensitive financial records.
- An e-commerce store collecting customer addresses and payment details.
- A law firm that maintains client documents on shared drives.
All of these entities must comply with the new standards. The law emphasizes that privacy protection is not just about legal compliance but also about maintaining customer trust in a world where cyberattacks and data leaks are on the rise.
The Role of Psagot IT Solutions
At Psagot IT Solutions, we specialize in guiding businesses through the technical challenges of compliance with Amendment 13. Our approach ensures that the regulatory requirements become a natural extension of your existing IT systems.
Compliance Assessment
We begin with a detailed analysis of your IT environment. This includes mapping data flows, identifying vulnerabilities, and highlighting any gaps in compliance with the new requirements.
Technical Implementation
Our technical services cover every aspect of compliance:
- Deployment of firewalls and advanced network protection.
- Cloud-based backup and antivirus solutions.
- Data encryption for sensitive information.
- Access management and multi-factor authentication.
- Secure email filtering and anti-phishing tools.
Documentation and Policy Support
We assist in drafting the required privacy policies, making sure they include access controls, encryption standards, and incident response plans. These documents are not only a legal necessity but also a roadmap for day-to-day secure operations.
Ongoing Monitoring
Amendment 13 requires organizations to continuously monitor and maintain security standards. Psagot IT Solutions provides ongoing support, system monitoring, and incident response to ensure compliance does not lapse over time.
Benefits of Partnering with Psagot IT Solutions
- Expertise in Israeli law: We understand Amendment 13 and its technical requirements.
- End-to-end service: From planning to monitoring, we cover the entire compliance process.
- Cybersecurity focus: Our solutions integrate regulatory compliance with advanced security.
- Business-friendly approach: We simplify complex rules into practical, efficient solutions.
Steps Toward Compliance
- Conduct a compliance assessment.
- Classify the data your organization manages.
- Draft a written privacy and data protection policy.
- Implement technical safeguards: firewalls, encryption, backups, access controls.
- Train employees on new requirements.
- Establish a breach notification procedure.
- Engage in continuous monitoring and support.
Conclusion
Amendment 13 is more than a legal update—it is a turning point for data privacy in Israel. Businesses of all sizes are now expected to adopt higher standards of data protection and security.
With Psagot IT Solutions, compliance with Amendment 13 becomes manageable, efficient, and secure. We provide the expertise and technical infrastructure to ensure that your business not only meets regulatory obligations but also strengthens its defenses against growing cyber threats.
By treating compliance as an opportunity rather than a burden, organizations can enhance customer trust, protect valuable data, and position themselves as leaders in responsible data management.
