50% of firms yet to acquire skillsets to implement DPDP Act: Report


New Delhi, Oct 29 (IANS): About 50 per cent of the organisations are yet to acquire the required skill sets to implement the Digital Personal Data Protection (DPDP) Act, 2023, a new report showed on Sunday.

According to ‘The India Data Protection Readiness Report’ by EY India, only 36 per cent of organisations have Data Protection Officers (DPOs) based in India, impacting their ability to manage consent and comply with the provisions of the DPDP Act.

Other challenges identified include inadequate awareness of regulatory guidelines, resource constraints in their compliance journey, and organisational resistance to change -- which may create obstacles in implementing the necessary changes within the organisation.

"Compliance with this legislation necessitates the establishment of a robust technological infrastructure to guarantee data security and accountability," said Lalit Kalra, Cybersecurity Consulting Partner, EY India.

"Moreover, organisations must cultivate a proficient workforce capable of comprehending the legal and ethical dimensions of data processing and adeptly managing data breaches," he added.

About 76 per cent expressed that an organisation's commitment to data privacy and transparency would indeed influence their buying preferences.

This indicates an increasing awareness among consumers regarding data privacy matters and a readiness to support companies that make privacy a priority, the report said.

"The establishment of a transparent data protection ecosystem is imperative. It not only fosters trust but also empowers consumers to make informed choices, ensuring the preservation of their privacy and security," said Mini Gupta, Cybersecurity Consulting Partner, EY India.

The DPDP Act specifies norms on the management of the personal data of residents in India and requires explicit consent from people whose data is collected and used. It also outlines practices for entities that collect personal data, how that data should be stored and processed to ensure there is no breach.

It also provides certain additional rights to the Data Principals such as the right to correct, delete, update and erase data under Section 12.

Section 14 of the DPDP Act provides a right to nominate another individual in case of death or incapacity of the Data Principal.

 

  

Top Stories


Leave a Comment

Title: 50% of firms yet to acquire skillsets to implement DPDP Act: Report



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.