The Circular on Information Security in Public Institutions and Organizations has been published in the Official Gazette

Circular no 2019/12 on Information and Communication Security Measures specifying a serious of measures to ensure the security of data that may have an impact on public order and national safety was published in the Official Gazette No. 30823, dated July 6, 2019. The Circular that consists of 21 articles has aroused interest with many articles contained therein. We may classify the prominent issues in the said publication as below:

In the 28 April 2019 dated and 30758 numbered Official Gazette, certain amendment texts directly related with the law on protection of personal data legislation, have been published. These amendments have been done in legislations of purge/destruction/anonymization of personal data, VERBIS and the obligation to inform, are respectively as follows:

• Regulation on Purging, Destruction and Anonymization of Personal Data
• Regulation on the Data Controllers’ Registry System
• Communiqué on Procedures and Principles to Be Followed in Fulfilling Obligation to Inform

6698 numbered Personal Data Protection Law Article 16 makes the natural person and legal entities who process personal data, obligatory to register Data Responsible Registry Information System (namely “VERBIS” in Turkish) obligatory. As is known, one shall register into the VERBIS through the web-site of the Personal Data Protection Institution by logging-in. It is stated with the 10.04.2019 dated announcement of the Institution that it is possible to login to the VERBIS system via e-government online portal.

The protection of the personal data has become more of an issue day by day with the development of internet technologies and personal data stored digitally. In this manner, the Institution of Personal Data Protection (the “Institution”) is developing the national legislation and publishing additional sources for the practice to sustain both domestic information security needs and integration with the European Union.