DPDP Gap Assessment

The DPDP Act 2023 is one of the most momentous steps towards safeguarding the personal data of citizens. The Act gives citizens a say in protecting their data held by companies for various purposes and prevents companies from misusing personal data.

Under the Act, all Indian companies handling, storing or processing personal data are required to comply with it. The Act gives four basic rights to data principals, namely - Right to Correction, Completion, Updating and Erasure.

Companies using personal data for online marketing activities or any other purposes will have to think twice before doing so. The Act has outlined various offences and heavy penalties for non-compliance to regulatory requirements.

The Act, among other points, talks about various measures to safeguard personal data such as:
Ensuring privacy of personal data is at the centre of all frameworks, policies and procedures
Ensuring transparency while collecting personal data and stating the purpose for collecting or maintaining the data
Personal Data Breaches to be informed to the Authority on a timely basis
Data Protection Impact Assessments to be carried when using new technologies/ processes
Accurate and up-to date records being maintained
Data Audits to be conducted by an independent data auditor

Furthermore, the Bill also cites restrictions on and conditions for Cross-Border Transfer of Personal Data and requiring the data fiduciary to ensure appropriate procedures in place for grievance redressal.

Cyber Tiger has a strong team of experienced and certified data privacy and data protection professionals who have thorough industry and technical knowledge.

Cyber Tiger will conduct a data privacy/protection gap assessment to highlight any gaps or lapses in your framework/policies/processes and suggest an effective data privacy management mitigation plan based on relevant industry best practices to close those gaps.