DPDP Rules: Shaping the Future of Data Privacy
The Digital Personal Data Protection (DPDP) rules impose rigorous timelines and security measures on companies managing personal data. The rules demand prompt breach notifications, mandatory data retention periods, and periodic impact assessments. It also outlines procedures for obtaining consent and mandates audits to ensure data privacy.
- Country:
- India
The newly introduced Digital Personal Data Protection (DPDP) rules have set stringent guidelines for companies managing personal data. These rules establish clear timelines for actions like breach notifications and data erasures, alongside requiring significant entities to conduct impact assessments and audits annually.
E-commerce platforms, online gaming firms, and social media giants must adhere to a three-year data retention policy post-user inactivity, while data protection inquiries by the Data Protection Board must be concluded within six months unless an extension is deemed necessary.
For data breaches, companies are required to inform both users and the Data Protection Board promptly. Furthermore, verifiable parental consent is essential before processing children's data, ensuring robust privacy protection in today's digital age.
(With inputs from agencies.)
ALSO READ
US to begin social media screening of H-1B, H-4 visa applicants from Dec 15
US to begin social media screening of H-1B, H-4 visa applicants from Dec 15
Karnataka Government Addresses Egg Safety Concerns Amid Social Media Claims
Delhi HC asks social media intermediaries to act in 7 days on former cricketer Sunil Gavaskar's plea to protect personality rights.
Reddit Challenges Australia's Controversial Social Media Ban for Under-16s
Google News