Cybersecurity Act

The Cybersecurity Act, published in State Gazette No. 94 of 12 November 2018 was adopted in pursuance of the commitments of the Republic of Bulgaria as a Member State of the European Union, which should introduce into its national legislation provisions
until 09.05.2018 and establish an organization for the implementation of the Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016, concerning measures for a high common level of security of network and information systems across the Union (ОВ, L 194 of 19 July 2016).

Law for Protection of Personal Data

Adopted in January 2002 and last amended in May 2018, due to the GDPR, the Law for Protection of Personal Data was modelled on the EU Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. It applied to the protection of individuals with regard to the processing of personal data, granting them the right to access and correct information held about them by public and private bodies. It defined lawful grounds for the collection, storage and processing of the personal data of individuals. Application of the Act was overseen by the Commission for Personal Data Protection, an independent supervisory authority.

National Computer Security Incidents Response Team (CERT)

CERT's mission is to provide information, support and assistance to its constituencies in order to reduce the risks of computer security incidents, as well as to respond to such incidents at the time of occurrence. The team maintains a database that offers information on how Bulgarian citizens and businesses can make their IT environment more secure. CERT is part of the specialized administration of SEGA.