Romania: Emergency ordinance amending NIS Directive implementing law published
The Emergency Ordinance No. 119 of 22 July 2020 ('the Emergency Ordinance') for the amendment of Law No. 362/2018 on Ensuring a High Common Level of Security of Networks and Information Systems of 9 January 2019 ('the Law') was published, on 24 July 2020, in the Official Gazette with the National Cybersecurity Response Centre ('CERT-RO') making a statement on the same. In particular, the Emergency Ordinance amends the Law which had implemented the Directive on Security Network and Information Systems (Directive (EU) 2016/1148) ('the NIS Directive'), as well as focusing on the functions of CERT-RO and the Interinstitutional Working Group for the Determination of the Threshold Values Necessary for Determining the Significant Disruptive Effect of Incidents at the Networks and Computer Systems for essential service operators ('GdLINIS'). In addition, CERT-RO highlighted that the Emergency Ordinance has introduced an important amendment by providing for GdLINIS' role in determining the threshold values necessary to establish the disruptive effect of incidents affecting networks and IT systems of essential service operators. Finally, CERT-RO noted that the adoption of the Emergency Ordinance is essential in furthering the implementation of the provisions of the NIS Directive in Romania.