Israeli Privacy Shield
Trusted80/100Israeli Privacy Protection Law compliance guidance including Amendment 13 (effective August 14, 2025), database registration, consent requirements, data security, cross-border transfers, breach notification, privacy protection officer appointment, and AI governance. Use when user asks about Israeli privacy law, "haganat pratiut", "tikun 13", data protection in Israel, GDPR compliance for Israeli companies, privacy policy requirements, or database registration. Covers the Privacy Protection Law 1981, Amendment 13, and 2017 Security Regulations. Do NOT use for EU GDPR-only questions without Israeli context.
Trust score 80/100 (Trusted) · 861+ installs · 2 GitHub contributors · MIT license
The Israeli Privacy Protection Law and its security regulations impose specific obligations on any business managing a personal data repository. These requirements differ from GDPR and other international frameworks, and most global compliance tools do not cover the Israeli legal framework. Without dedicated guidance, businesses are exposed to fines and lawsuits.
How to use this skill
Not sure how? Read the guide- 1. Click "Download ZIP" to download the skill files.
- 2. Open Claude Desktop and go to Customize > Skills.
- 3. Click "+" and select "Upload a skill", then upload the ZIP file.
- 4. Start a new conversation. The skill will activate automatically when relevant.
Developers? Install via command line (CLI)
npx skills-il add skills-il/security-compliance@v1.4.2-israeli-privacy-shield --skill israeli-privacy-shield -a claude-codeWhen to Apply
- When complying with the Israeli Privacy Protection Law (1981) including Amendment 13 (effective August 14, 2025)
- When a business must appoint a Privacy Protection Officer (DPO) under new requirements
- When a data incident occurs and notification to the Privacy Protection Authority is required
- When classifying personal data under the expanded definition (IP, geolocation, online identifiers)
- When building AI governance policies under Amendment 13 automated decision-making rules
- When building a cookie/consent banner for an Israeli or EU-facing Next.js or React site
Try These Prompts
We are a SaaS company storing Israeli customer data. How do I map the personal information we hold to comply with the Privacy Protection Law?
We received a personal data access request from a consumer. What are our obligations under the Israeli Privacy Protection Law and within what timeframe must we respond?
We work with a foreign cloud provider. Do we need a data processing agreement under Israeli law and what must it include?
Build me a GDPR + Amendment 13 compliant consent banner for my Next.js site. Explicit opt-in, equal-weight Reject/Accept, ESC/X dismissal-as-refusal, 12-month re-prompt, localStorage + companion cookie for SSR gating, and cross-tab sync via the storage event.
My consent banner ships in the SSR HTML and is visible for a moment before hydration replaces it. Show me the SSR_SENTINEL pattern with useSyncExternalStore that keeps the banner out of the server render and only shows it after hydration when no choice is stored.
Frequently Asked Questions
Changelog
Substantive fix: severe-security-incident notification is "immediately" under the 2017 Data Security Regulations (no 72-hour rule), the first enforcement action was a NIS 75,000 fine on an individual (not HOT/70k), Section 29A statutory damages are up to NIS 50,000 without proof of harm (100,000 only with intent to harm), added the 5% turnover cap, and the compliance-checker registration logic was rewritten to the Amendment-13 model.
Jun 29, 2026
Added Data Subject Rights (DSR) workflow with 30-day response template, DPIA section, Minors data section (Capacity and Guardianship Law 1962, Biometric ID Law 2009, January 2020 ed-tech audit), expanded fine table with HOT enforcement datapoint, and two new troubleshooting entries (borderline DPO threshold and cross-border transfer to non-adequate country).
May 18, 2026
Amendment 13 overhaul: 72-hour breach notification deadline, DPO appointment thresholds, the 100k-record sensitive-data notification tier, and official reference links.
May 14, 2026
Related Skills
Security scanning guidance for Israeli web applications covering OWASP Top 10, Israeli Privacy Protection Authority (PPA) compliance, dependency vulnerability scanning, secrets detection, and secure coding patterns for Hebrew/RTL apps.
Coordinate Israeli-built cybersecurity tools for security operations including threat triage, vulnerability management, compliance checking, and incident response. Use when user mentions security operations, "SOC", vulnerability scanning, threat triage, compliance assessment, or asks to coordinate Wiz, Snyk, Check Point, CyberArk, SentinelOne, Armis, Torq, or Pentera tools. Embeds Israeli security best practices including INCD guidelines and Israeli Privacy Protection Law compliance. Do NOT use for offensive security testing or creating exploits.
Guide Israeli ML teams through the AI governance and compliance stack: Ministry of Innovation December 2023 AI policy principles, Privacy Protection Law (PPL) and Amendment 13 applied to ML training data, sector-specific rules (Bank of Israel Directive 364, Ministry of Health AMAR medical-device AI), and EU AI Act exposure for Israeli exporters. Generates model cards, data statements, and DPIA templates tailored to Israeli context. Use when preparing AI governance docs, answering an enterprise customer's AI risk review, classifying a system under the EU AI Act, or building an internal responsible-AI checklist. Prevents costly compliance gaps when shipping AI to regulated markets. Do NOT use for general PPL policy (use israeli-privacy-shield), web app security (use israeli-appsec-scanner), or SOC/threat triage (use israeli-cybersecurity-ops).
Use at your own risk. Terms of Use · Security
Want to build your own skill? Try the Skill Creator · Submit a Skill