Introduction In the already far in 2006, Russia passed a law 152 of the Federal Law "On Personal Data". It is no exaggeration to say that the law is the strongest factor affecting the information security market in Russia its history (the market) existence. The fact that this law is actually the first time the state required the business to comply with any regulations on the protection of information. Of course, the state and had to insist on certain standards in this area. There is a system of controlling and licensing bodies (eg, Federal Technical Committee and the FSB), work the mass manufacturers and integrators in the field "State" information security. What's new The most important feature of the adopted law is that the earlier these requirements do not apply completely to all business entities in Russia. Requirements for the Protection of State Secrets naturally apply only to those who handle such information. Even for banking organizations Standard Bank of Russia is not actually binding.
The new law expressly lists those who have to comply with all statutory requirements – this is legal and natural persons. The law has already entered into force in 2006 (see article 25 of the Act). Many business representatives are waiting for the 1 st January 2010 as the date for formal entry into force of the law, which is a big mistake. Exact quote from the text of the Act reads: "personal data information systems that were created before the coming into force of this Federal law, shall be brought into compliance with the requirements of this Federal law no later than January 1, 2010.