Bosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011)
Bosnia and Herzegovina's Law on Protection of Personal Data (Official Gazette BiH No. 49/06, 76/11) establishes the data protection framework. The Personal Data Protection Agency of Bosnia and Herzegovina (AZLP) oversees enforcement. The law was modelled on the EU Data Protection Directive (95/46/EC). It covers processing principles, consent, data subject rights, cross-border transfers, and registration obligations. Amendments and alignment with GDPR have been under discussion as part of EU accession negotiations.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (7)
BiH DP Law Chapter I: General Provisions
| Code | Title |
|---|---|
| BA-DPA-1 | Purpose of the Law |
| BA-DPA-2 | Scope of the Law |
| BA-DPA-3 | Definitions |
BiH DP Law Chapter II: Principles and Lawful Processing
| Code | Title |
|---|---|
| BA-DPA-11 | Data Security |
| BA-DPA-12 | Data Processing by a Processor |
| BA-DPA-4 | Principles of Personal Data Processing |
| BA-DPA-5 | Consent by a Data Subject |
| BA-DPA-6 | The Right to Process Without the Data Subject's Consent |
| BA-DPA-7 | Data Authenticity |
| BA-DPA-9 | Processing of Special Categories of Personal Data |
BiH DP Law Chapter III: Records, Confidentiality and Transfers
| Code | Title |
|---|---|
| BA-DPA-13 | Personal Data Filing System |
| BA-DPA-14 | Central Registry |
| BA-DPA-16 | Confidentiality Requirement |
| BA-DPA-18 | Data Transfer Abroad |
BiH DP Law Chapter IV: Rights of Data Subjects
| Code | Title |
|---|---|
| BA-DPA-22 | Notification on Data Collection |
| BA-DPA-24 | The Right to Personal Data Access |
| BA-DPA-27 | Corrigenda and Deletion of Data |
| BA-DPA-29 | Issuing Decisions Based on Automatic Data Processing |
BiH DP Law Chapter V: Complaints and Liability
| Code | Title |
|---|---|
| BA-DPA-30 | Filing Complaints |
| BA-DPA-32 | Liability for Damage |
BiH DP Law Chapter VI: The Personal Data Protection Agency
| Code | Title |
|---|---|
| BA-DPA-35 | Definition of the Agency |
| BA-DPA-40 | Competencies of the Agency |
| BA-DPA-41 | Control Carried Out by the Agency |
BiH DP Law Chapter VII: Offences and Penalties
| Code | Title |
|---|---|
| BA-DPA-48 | Offences and Fines |
Your Compliance Coverage
If you comply with Bosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011), you already cover:
GDPR
33%
8 controls mapped
Compare →ISO 19011
4%
1 controls mapped
Compare →ISO 31000:2018
4%
1 controls mapped
Compare →+ 1 more: ISO/IEC 17025:2017 - General Requirements for Testing and Calibration (4%)
See all 4 mapped frameworks ↓Maps to 4 other frameworks
Frequently Asked Questions
What is Bosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011)?
Bosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011) is a compliance framework from Bosnia and Herzegovina with 7 domains and 24 controls. Bosnia and Herzegovina's Law on Protection of Personal Data (Official Gazette BiH No. 49/06, 76/11) establishes the data protection framework. The Personal Data Protection Agency of Bosnia and Herzegovina (AZLP) oversees enforcement. The law was modelled on the EU Data Protection Directive (95/46/EC). It covers processing principles, consent, data subject rights, cross-border transfers, and registration obligations. Amendments and alignment with GDPR have been under discussion as part of EU accession negotiations. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does Bosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011) have?
Bosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011) has 24 controls organised across 7 domains. The largest domains are BiH DP Law Chapter II: Principles and Lawful Processing (7 controls), BiH DP Law Chapter III: Records, Confidentiality and Transfers (4 controls), BiH DP Law Chapter IV: Rights of Data Subjects (4 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does Bosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011) map to?
Bosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011) maps to 4 other compliance frameworks. The top mapping partners are GDPR (33% coverage), ISO 19011 (4% coverage), ISO 31000:2018 (4% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with Bosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011) compliance?
Start your Bosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Bosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 24 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 718 frameworks.
Get Started Free →Free forever — no credit card required