
DR. HAROLD D'COSTA
PRESIDENT - CYBER SECURITY CORPORATION
“Ensuring compliance with key privacy regulations is essential to protect sensitive data and avoid legal liabilities. The Digital Personal Data Protection Act (DPDPA), 2023, is the cornerstone regulation governing data privacy in India. It mandates strict rules on data collection, processing, and storage, with a strong emphasis on obtaining explicit user consent. For businesses handling financial data, compliance with Reserve Bank of India (RBI) guidelines is critical. Regulations such as RBI’s Data Localization Mandate require financial institutions and payment processors to store customer data within India. Additionally, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules) outline obligations for protecting sensitive personal data, including implementing security measures and ensuring data confidentiality.
In the healthcare sector, organizations must adhere to the Clinical Establishments Act and Health Data Management Policy under the National Digital Health Mission (NDHM), which mandate strict data protection protocols for health records. Additionally, businesses managing payment data must comply with PCI DSS standards to ensure secure handling of cardholder information.
MAINTAINING USER PRIVACY
For maintaining user privacy, companies should adopt a privacy-by-design framework, ensuring data protection is integrated into every stage of data collection and processing. By embedding these best practices, companies can responsibly collect and utilize data while maintaining compliance with Indian privacy laws and strengthening customer trust.”