We draw your attention to the fact thatin accordance with Article 4 of the Resolution of the Cabinet of Ministers of Ukraine dated March 29, 2006. No. 373 «On the approval of the Rules for ensuring the protection of information in information, telecommunication and information and telecommunication systems» protection is subject to information, the requirement for protection of which is established by law, including confidential information about a natural person.
According to Art. 11 of the Law of Ukraine «On Information», confidential information about a natural person includes, in particular, data on his nationality, education, marital status, religious beliefs, health status, as well as address, date and place of birth.
But in accordance with Art. 8 of the Law of Ukraine «On the protection of information in information and telecommunication systems» information, the requirement for protection of which is established by law, must be processed in the system using
comprehensive system of information protection (KSZI) with confirmed compliance. Confirmation of compliance is carried out based on the results of the state examination in the manner established by law.
Please also note that personal data is confidential information and the requirement to protect it is established by law. In the case of their processing in the information (automated) system, we must be guided by the requirements of Art. 8 of the Law of Ukraine «On the Protection of Information in Information and Telecommunication Systems», which requires the owner of the building system (KSZI).
According to Art. 9 of the Law of Ukraine «On the Protection of Information in Information and Telecommunication Systems», the responsibility for ensuring the protection of information in the system rests with the owner of the system.