Kemenkominfo Public Test Personal Data Protection Regulation

Ilustrasi (dok)

JAKARTA (IndoTelko) - Ministry of Communications and Information Technology (Kemenkominfo) is conducting a public test of the Ministerial Regulation Bill (RPM) on the Protection of Personal Data in Electronic System.

The Ministry's spokesperson Ismail Cawidu said that this regulation is prepared to carry out the Article 15 paragraph (3) of the Government Regulation No. 82 of 2012 on the Electronic Transaction and System Implementation.

Cawidu said that the bill preparation begins with a discussion of setting a paradigm of personal data in some countries, which further discussion of the key issues of protection of personal data carried out by inviting regulatory and supervisory agencies related sectors namely the Directorate General of Immigration which manages the passport data, the Indonesian National Archives (ANRI) which manages the archival data.

The Financial Services Authority, which regulates the data of the financial sector, Bank Indonesia regulating banking data, the Indonesian Consumers Foundation in charge of the protection of consumer data, and the Ministry of Health which regulates the field of health data and archives.

The bill's range is including arranging Personal Data Protection of Electronic System Operator Liability, Dispute Resolution, Public Participation and Administrative Sanctions.

Management System
Besides setting up regulation on personal data, the government is also preparing another Ministerial Regulation Bill on Information Security Management System (SMPI).

The regulation is to carry out the mandate of the Article 20 (4) of the Government Regulation No. 82 of 2012 on the Implementation of Electronic Transactions and System (PP PSTE).

In the Article 20 (1) of the Government's Regulation that Electronic Transactions and System (PP PSTE) operators shall own and operate the procedures and means for securing Electronic Systems in avoiding interference, failure and loss.

According to the Government Regulation's on Electronic Transactions and System Article 20 (2), regulates that operators are required to provide a security system which includes procedures and systems of prevention and countermeasures against threats and attacks that cause interference, failure and loss.

Furthermore, based on Article 20 (4) regulates further provisions regarding Security Systems set out in Regulation.
The bill's preparation of Information Security Management System (SMPI) has been carried out since the end of 2013 and continued in 2014, with the involvement of relevant stakeholders.

The Ministerial Regulation bill on Information Security Management System is consisting of categorization of Electronic Systems, Information Security Management System Standard, and Issuance of Certificates, Certification Results Reporting.(es)