What is the Personal Data Protection Law ?
For many years pending on the date of the design which entered into force on 7 April 2016 and ‘the processing of personal data law on personal data protection No. 6698, particularly to protect the fundamental rights and freedoms of individuals to privacy and the obligations of real and legal persons who process personal data should comply with the AIM Rules, has to edit.
Except for the exceptions specified in the law, personal data may not be processed without the express consent of the person concerned; it may not be transferred to third parties and abroad. In case of failure to comply with these articles, which are also specified in separate articles in the law, institutions may be subject to an administrative fine. According to the law, those who violate personal data are sentenced to imprisonment from 1 to 3 years. In addition, a person who intercepts this data by way of violation can also be sentenced to imprisonment from 2 to 4 years. Administrative fines may increase from £ 5,000 to £ 1,000,000, depending on the unfulfilled Clause(s).
Law on the protection of personal data; when personal data is considered as information entrusted to institutions and organizations by its original owners, all institutions that process employee / customer information are obliged to apply the law. Especially when we consider that banks and large-scale companies work with a large number of customers and suppliers, ensuring data security is a very important issue, and all companies have obligations in this regard. Name-last name, ID number, IP address, phone number, Pictures, resume, information, e-mail, such as address data, as well as hobbies, preferences and tastes, physical features, habits are regarded as personal data such as navigation data also. Anyone who holds this data needs counselling.
Business Services, processes, roles and responsibilities of participants (persons, organizational units or systems) in these processes, data accessed by Application Software and systems used by participants, and technology components in which data is stored or processed fall into the field of end-to-end Enterprise Architecture in such a way as to be directly analyzed and evaluated for impact.
From an information security perspective, information security issues such as access security and management, software authorization and Application Control, Device Control, database authorization and security, and network access consolidation and Management stand out.