With organisations increasingly using computers to store and process personal information, the risk of information being misused or falling into the wrong hands is increasing as well. As a result, there are growing concerns around the use and access of personally identifiable and sensitive personal information.
In this heightened risk scenario, the Indian Personal Data Protection Bill (PDPB) was drafted in 2018 on the lines of the General Data Protection Regulation(GDPR) and Justice B N Srikrishna Committee report. Subsequently, in 2019, the Union Cabinet gave its nod to table the Personal Data Protection Bill 2019 (Bill), which seeks to lay down laws on processing of personal data by public and private entities.
In this article, we discuss the key highlights of the Bill and how a well-defined structure and framework to position compliances in line with the Bill is the way forward for organisations.