DPDP

  1. Home
  2. Services
  3. DPDP

DPDP

The Digital Personal Data Protection Act (DPDP Act) was passed by the Indian Parliament in August 2023. The organizations need to understand how they need to restructure their business processes to ensure that they are fully compliant to the law.

Who will be effected

Any company who processes personal information of individuals. Though law has given some exemptions but most of them apply to govt organizations. Some of the sectors that impacted are :

  • Travel and Hospitality sector.
  • Banking and Finance sector.
  • Insurance sector.
  • Education sector.
  • Healthcare sector.
  • Online portals.
  • Or any other sector which processes volume information or sensitive personal information.
    •


Non compliance to Digital Personal Data Protection Act 2023 can lead to huge penalties.


The Central Government may, having regard to the volume and nature of personal data processed, notify certain Data Fiduciaries or class of Data Fiduciaries, including startups, as Data Fiduciaries to whom the provisions of section 5, sub-sections (3) and (7) of section 8 and sections 10 and 11 shall not apply


PENALTIES AND ADJUDICATION

33. (1) If the Board determines on conclusion of an inquiry that breach of the provisions of this Act or the rules made thereunder by a person is significant, it may, after giving the person an opportunity of being heard, impose such monetary penalty specified in the Schedule.

(2)While determining the amount of monetary penalty to be imposed under sub-section (1), the Board shall have regard to the following matters, namely :-

(a) the nature, gravity and duration of the breach;
(b) the type and nature of the personal data affected by the breach;
(c) repetitive nature of the breach;
(d) whether the person, as a result of the breach, has realised a gain or avoided any loss;
(e) whether the person took any action to mitigate the effects and consequences of the breach, and the timeliness and effectiveness of such action;
(f) whether the monetary penalty to be imposed is proportionate and effective, having regard to the need to secure observance of and deter breach of the provisions of this Act; and
(g) the likely impact of the imposition of the monetary penalty on the person