Resources for Data Protection and Privacy

Data Protection and Privacy is more relevant today than ever before. With the internet of things and the rise in digitalization, the challenge of privacy has made users pro-active in protecting their personal information. According to Forbes[1], 45% of US citizens have had their personal information compromised by a data breach in the past fiveContinue reading “Resources for Data Protection and Privacy”

Cross border data transfer- An Overview of Adequacy Decision, SCC and BCR

Introduction Data is now termed as a highly valuable asset which used for business expansions plans globally. With the technology driven world and high delivery speed big data is transferred internationally without boundaries just in fraction of seconds. However, these cross-border data transfers/ flows are regulated. As of now approx. 110+ countries have enforced dataContinue reading “Cross border data transfer- An Overview of Adequacy Decision, SCC and BCR”

Anonymisation and Pseudonymisation – Overview and Legal Regime

What is Anonymisation? The Joint Parliamentary Committee in its report on the Indian Data Protection Bill, 2021 (“DP Bill”) recently included anonymized data within the purview of the bill. The DP Bill defines anonymization in relation to personal data as: “Such irreversible process of transforming or converting personal data to a form in which aContinue reading “Anonymisation and Pseudonymisation – Overview and Legal Regime”

Consent under the data protection regime

Introduction Consent is a form of expressed and immediate acceptance of the terms by the user. Consent provides validity and is binding under certain legal regimes. Data protection laws like the GDPR, CCPA, LGPD, PIPEDA etc recognises consent as a legal basis for processing personal data. It is a highly used best practice by organisationsContinue reading “Consent under the data protection regime”

What is a Data Subject Access Request (DSAR/SAR)?

A Data Subject Access Request (DSAR) or Subject Access Request (SAR) is a form of a right provided to a data subject to exercise. They can request to know what personal data an organisation or a data controller holds on them, how it is processed, with whom the data is shared and the period forContinue reading “What is a Data Subject Access Request (DSAR/SAR)?”

Is Digital Data Training Enough?

Amid the pandemic, all the organization whether public or private have started working virtually more than ever and this has exponentially increased the cybersecurity risk and threats which invariably impacts the personal data of users shared via their devices, e-mail, servers etc. Certainly, to ensure privacy and to protect the personal data of its citizensContinue reading “Is Digital Data Training Enough?”

Data Privacy vs Data Security: What is the Core Difference

It is a common misconception that ‘data privacy’ and ‘data security’ are synonyms. However, with different set of guidelines, technologies, expertise and know how required, both the concepts entail a difference in understanding and further implementation. Though used interchangeably being used for subjectively protecting an individual’s information unique to them, the difference primarily lies inContinue reading “Data Privacy vs Data Security: What is the Core Difference”

How organisations should tackle their data privacy requirements

The pandemic has unprecedently shifted everyone online. Likewise, the businesses, educational institutes and companies also went digital to continue their operations. The contactless conversations and transactions have now become a common practice. In such arena, huge volume of data is collected shared and transferred every second and due to this privacy and security risk areContinue reading “How organisations should tackle their data privacy requirements”

GDPR Compliance: 8 Steps B2B Marketers Need to Take

Marketing is a crucial business function which pushes business growth by enabling sale of products and services. Effective marketing strategies are the biggest determinant of business development and global recognition. The marketing industry has seen a massive boom in the recent years through digitalisation. Since digital marketing is conducted online, it targets prospective audience throughContinue reading “GDPR Compliance: 8 Steps B2B Marketers Need to Take”

What is a ROPA?

A Record of Processing Activities (ROPA) is an internal document. It helps in creating an overall picture of the processing of personal data and is used to demonstrate that the personal data is being processed in accordance with data protection legislation. It is an integral part of demonstrating the organization’s accountability towards data protection andContinue reading “What is a ROPA?”