It has been a couple of months since the enactment of the Digital Personal Data Protection Act, 2023 (DPDPA), and the compliance deadline for business is expected to be announced very soon (along with the rules which are expected to provide better insight on the manner of compliance with the provisions of the DPDPA). This interim timeframe provides a good opportunity for businesses to make suitable changes to their data processing protocols and measures to ensure that they’re not caught off guard in the event a short timeline is announced to comply with the requirements under the statute.
All businesses should ideally start taking the following steps (after consultation with a legal counsel and information security experts):
Deploy administrative and technical mechanisms to report data breaches to the Data Protection Board of India as well as the affected Data Principals, prepare for independent data audits, etc.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below. Read more...