What is India’s DIGITAL PERSONAL DATA PROTECTION ACT (DPDP), 2023?
The DIGITAL PERSONAL DATA PROTECTION ACT (DPDP), 2023 is designed to address this gap by providing a framework for the processing of digital personal data. It aims to balance the recognition of individuals’ right to protect their personal data with the necessity to process such data for lawful purposes and related matters.
WHAT IS IT ALL ABOUT?
This bill represents a step change for how protection of personal and sensitive information needs to be managed, as it applies to the processing of digital personal data within and outside India where such data is collected online, or collected offline and is digitized. The central government will establish the Data Protection Board of India to adjudicate on non-compliance with the provisions of the Bill.
The bill tries to balance the inherent, delicate relationship resulting from the individual right to privacy, and the needs and benefits of such processing.
Personal data may be processed only for a lawful purpose upon consent of an individual. Consent may not be required when data is voluntarily shared data by the individual or processed by the State for permits, licenses, benefits, and services.
Data fiduciaries will be obligated to maintain the accuracy of data, keep data secure, and delete data once its purpose has been met.
Individual rights under the bill include the right to obtain information, seek correction and erasure, and grievance redressal.
SecuPi’s Practical Approach to Implementing Digital Personal Data Protection Act, 2023 (DPDP)
The new bill covers a wide range of topics related to data protection and digital operational resilience. It sets uniform requirements for the security of personal information and applies to organizations operating in India.
SecuPi offers a technology-agnostic data-centric security platform, specifically designed to address regulated organizations compliance, governance privacy and data-security requirements and regulations, offering a superset of capabilities, consistently enforced over on-premises, hybrid and cross-cloud platforms:
- Real-time visibility and user behavior analysis
- Fine-grained access control (ABAC)
- Deidentification of data, at-rest & in-use
In the last years, SecuPi data security platform has been deployed at dozens of Global 2000 organizations, serving data-protection, security, privacy, governance and sovereignty requirements and use cases.
Download our detailed whitepaper to learn more about how SecuPi helps organizations address India’s Digital Personal Data Protection Act ,2023 (DPDP).