{"id":486,"date":"2025-05-17T12:23:34","date_gmt":"2025-05-17T12:23:34","guid":{"rendered":"https:\/\/inforb-wp.demo.certsign.ro\/?page_id=486"},"modified":"2025-07-10T05:18:31","modified_gmt":"2025-07-10T05:18:31","slug":"legislative-updates","status":"publish","type":"page","link":"https:\/\/inforb.ro\/en\/legislative-updates\/","title":{"rendered":"Legislative Updates"},"content":{"rendered":"<section class=\"legislative-update\">\n  <h2>Law No. 124\/2025 \u2013 Approval of Government Emergency Ordinance No. 155\/2024 on Cybersecurity of Networks and Information Systems in the National Civil Cyberspace (Romania)<\/h2>\n\n  <p>\u00cen Monitorul Oficial al Rom\u00e2niei, Partea I, nr. 638 din 7 iulie 2025, a fost publicat\u0103 <strong>Legea nr. 124\/2025<\/strong> privind aprobarea, cu modific\u0103ri \u0219i complet\u0103ri, a <strong>Ordonan\u021bei de urgen\u021b\u0103 a Guvernului nr. 155\/2024<\/strong> Published in the Official Gazette of Romania, Part I, No. 638 of July 7, 2025, Law No. 124\/2025 approves, with amendments and additions, Government Emergency Ordinance No. 155\/2024, which establishes the legal framework for cybersecurity within the national civil cyberspace.<\/p>\n\n  <h3>Key Provisions:<\/h3>\n\n  <ul>\n    <li>Clarifies the applicability of the law in relation to personal data protection legislation, the Criminal Code, and critical entities resilience laws;<\/li>\n    <li>Establishes the competencies of the National Cybersecurity Directorate (DNSC) regarding oversight, incident reporting management, and the confidentiality of submitted information;<\/li>\n    <li>Revises the definition of social networking service platforms;<\/li>\n    <li>Introduces mandatory cybersecurity training for leadership and staff of essential and important entities, and mandates the designation of cybersecurity officers;<\/li>\n    <li>Redefines the criteria under which an incident is deemed significant;<\/li>\n    <li>Regulates the obligation of the national single point of contact to share relevant information with ENISA and the European Commission;<\/li>\n    <li>Clarificarea obliga\u021biilor privind acordurile de schimb de informa\u021bii \u00een domeniul securit\u0103\u021bii cibernetice;<\/li>\n    <li>Clarifies requirements for information-sharing agreements in the field of cybersecurity;<\/li>\n    <li>Establishes obligations for ICT manufacturers and providers regarding vulnerability reporting and remediation, including DNSC\u2019s notification to the European Commission;<\/li>\n    <li>Provides for cooperation between DNSC, the National Bank of Romania (BNR), and the Financial Supervisory Authority (ASF) in assessing and managing cyber risks in the financial sector;<\/li>\n    <li>Modifies response and reporting deadlines for addressing deficiencies identified by DNSC;<\/li>\n    <li>Updates the regime of serious contraventions and sanctions for essential and important entities, including derogations from Government Ordinance No. 2\/2001;<\/li>\n    <li>Updates annexes related to regulated sectors: health, digital infrastructure, and the food industry.<\/li>\n  <\/ul>\n\n  <p>The law was adopted in accordance with Articles 75 and 76(2) of the Romanian Constitution.<\/p>\n\n  <p><strong>Full text available at:<\/strong>  \n    <a href=\"https:\/\/legislatie.just.ro\/Public\/DetaliiDocument\/299675\" target=\"_blank\" rel=\"noopener noreferrer\">\n      https:\/\/legislatie.just.ro\/Public\/DetaliiDocument\/299675\n    <\/a>\n  <\/p>\n<\/section>\n\n\n\n\n<h2 class=\"wp-block-heading is-style-asterisk\" style=\"font-size:clamp(1.837em, 1.837rem + ((1vw - 0.2em) * 1.704), 3.2em);\">Legislation of Romania<\/h2>\n\n\n\n<div style=\"height:35px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7ee65932 wp-block-group-is-layout-constrained\" style=\"padding-right:1.5em;padding-left:1.5em\">    <div class=\"actualizari-nis2\">\n\n        <section id=\"cadru\">\n            <h2>1. Cadru General: NIS & NIS2<\/h2>\n            <h3>NIS Directive (Network and Information Systems Directive)<\/h3>\n            <p>The first European directive on cybersecurity, establishing minimum requirements for the security of networks and information systems.<\/p>\n\n            <h3>NIS2 Directive<\/h3>\n            <p>The revision of the NIS Directive, adopted at the EU level to strengthen cyber resilience. In Romania, transposed through Emergency Ordinance 155\/2024.<\/p>\n        <\/section>\n\n        <section id=\"acte\">\n            <h2>2. Published Legal Acts<\/h2>\n\n            <h3>2.1. OUG nr. 155\/2024 - Transpunerea Directivei NIS2<\/h3>\n            <p>Official document: <a href=\"https:\/\/dnsc.ro\/vezi\/document\/romanian-nis2-act-oug-155-2024-en\">Vezi OUG 155\/2024 - versiune EN<\/a><\/p>\n            <p>Regulates the minimum security requirements for essential and important entities. Introduces new obligations related to incident reporting and risk assessment.<\/p>\n\n            <h3>2.2. Monitorul Oficial nr. 1332 \u2013 OUG NIS2 (31.12.2024)<\/h3>\n            <p>Official document: <a href=\"https:\/\/dnsc.ro\/vezi\/document\/monitorul-oficial-partea-i-nr-1332-oug-nis2-31122024\">2.2. Official no. 1332 \u2013 NIS2 Emergency Ordinance (31.12.2024)<\/a><\/p>\n            <p>Official publication of the Emergency Ordinance for the implementation of NIS2.<\/p>\n        <\/section>\n\n        <section id=\"proiecte\">\n            <h2>3. DNSC Draft Orders under Public Consultation<\/h2>\n\n            <h3>3.1. Proiect Ordin \u2013 Notificare & Transmitere Informatii<\/h3>\n            <p>Official document: <a href=\"https:\/\/dnsc.ro\/vezi\/document\/proiect-de-ordin-dnsc-pentru-aprobarea-cerintelor-privind-procesul-de-notificare-in-vederea-inregistrarii-si-metoda-de-transmitere-a-informatiilor\">See Draft Order \u2013 Notification<\/a><\/p>\n            <p>Details the notification process for registration and the method of data submission.<\/p>\n\n            <h3>3.2. Draft Order \u2013 Criteria for Determining the Degree of Disruption<\/h3>\n            <p>Official document: <a href=\"https:\/\/dnsc.ro\/vezi\/document\/proiect-de-ordin-dnsc-pentru-aprobarea-criteriilor-si-pragurilor-de-determinare-a-gradului-de-perturbare-a-unui-serviciu-si-metodologia-de-evaluare-a-nivelului-de-risc-al-entitatilor\">See Draft Order - Degree of Disruption<\/a><\/p>\n            <p>Establishes the criteria and thresholds for assessing service impact and risk level.<\/p>\n        <\/section>\n\n        <section id=\"resurse\">\n            <h2>General Resources \u2013 DNSC<\/h2>\n            <p>Updated legislation: <a href=\"https:\/\/www.dnsc.ro\/pagini\/legislatie\">DNSC Legislative Section<\/a><\/p>\n        <\/section>\n\n        <section id=\"linkuri\">\n            <h2>5. Useful Links<\/h2>\n            <ul>\n                <li><a href=\"https:\/\/dnsc.ro\/pagini\/proiect-inforb\">CORB Platform - Romania\u2013Bulgaria Cooperation in NIS<\/a><\/li>\n                <li><a href=\"https:\/\/dnsc.ro\/pagini\/ghiduri\">DNSC Guides and Resources<\/a><\/li>\n            <\/ul>\n        <\/section>\n\n        <style>\n  \n            .actualizari-nis2 h2 { border-bottom: 2px solid #004085; padding-bottom: 5px; }\n            .actualizari-nis2 nav a { margin-right: 15px; color: #007bff; text-decoration: none; }\n            .actualizari-nis2 nav a:hover { text-decoration: underline; }\n\t\t\t\t\t\t\t\t\t \n\t\t  \t.actualizari-nis2 {\n    width: 100%;\n    max-width: 100%;\n    padding: 0;\n    margin: 0;\n}\n\n.actualizari-nis2 section {\n    width: 100%;\n    max-width: 100%;\n    padding: 40px 20px%;\n    box-sizing: border-box;\n}\n\n.actualizari-nis2 header {\n    width: 100%;\n    max-width: 100%;\n}\n\n.actualizari-nis2 nav {\n    width: 100%;\n    max-width: 100%;\n}\n\n        <\/style>\n\n    <\/div>\n    \n<\/div>\n\n\n\n<div style=\"height:35px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading is-style-asterisk\" style=\"font-size:clamp(1.837em, 1.837rem + ((1vw - 0.2em) * 1.704), 3.2em);\">Legislation of Bulgaria<\/h2>","protected":false},"excerpt":{"rendered":"<p>Legea nr. 124\/2025 privind aprobarea OUG nr. 155\/2024 \u2013 securitatea cibernetic\u0103 a re\u021belelor \u0219i sistemelor informatice din spa\u021biul cibernetic na\u021bional civil \u00cen Monitorul Oficial al Rom\u00e2niei, Partea I, nr. 638 din 7 iulie 2025, a fost publicat\u0103 Legea nr. 124\/2025 privind aprobarea, cu modific\u0103ri \u0219i complet\u0103ri, a Ordonan\u021bei de urgen\u021b\u0103 a Guvernului nr. 155\/2024 pentru [&hellip;]<\/p>","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-486","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/pages\/486","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/comments?post=486"}],"version-history":[{"count":13,"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/pages\/486\/revisions"}],"predecessor-version":[{"id":1028,"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/pages\/486\/revisions\/1028"}],"wp:attachment":[{"href":"https:\/\/inforb.ro\/en\/wp-json\/wp\/v2\/media?parent=486"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}