According to Forrester – ‘Privacy is a game changer; it will be to organizations in 2016 what websites were to companies in 2000’.
What is Data Privacy
Data Privacy is all about giving a person certain rights over his/her Personal Information. For eg, Informing the person about what is being done with his/her personal data, how it is being used, getting consent for such usage, whether it is being shared with an external party, whether it is being sent to a different country, how it is being protected, etc.
Do note that protection of the data is just one right amongst the host of rights mentioned above. That is known as personal data protection – and is often confused with data privacy as a whole.
How is Personal Information defined?
Personal Information is essentially any information that can be used to identify an individual. This includes demographic data, identity data, financial data, health data, etc. Today this definition has been expanded to also include data like online identifiers (data elements that get captured while a user is online), device identifiers (from a user’s device), location data, IP addresses, etc – in short, a host of technical information that doesn’t easily come to mind when one thinks of Personal Information
This expanded definition of personal information coupled with the pace at which the world is digitising has catapulted the need to implement privacy in an organization to an urgent & imperative need.
Data Privacy in Indian Organizations
The common – and mistaken – perception is that there is no law for Data Privacy in India. While India may not have a comprehensive data privacy law, the basic principles of privacy for organizations is covered under the rules for sensitive data protection under Section 43A of the Indian Information Technology (IT) Act. And the liabilities for any breach includes for civil and criminal penalties. So organizations in India need to comply.
Moreover, those organizations dealing with Personal Information of individuals in any other country – directly or indirectly – come under the purview of that country’s data privacy laws. And almost every country in the world has a law around data privacy. Hence it is imperative for all organizations in India to look at Data Privacy seriously.
Data Privacy Consulting at Arrka
Arrka is one of the pioneers in this domain in India. We have been providing services in Data Privacy for the last four years and have a dedicated team of consultants who specialise in the domain. We have had the privilege of working with the regulator (DSCI) in this domain and also helping one of the largest organizations in India implement their privacy program. We have also set up the Arrka Privacy Testing Centre that provides privacy testing & assessment services for Mobile Apps.
Some of the services we offer are:
- Personal Information Identification & Definition: While this may seem like a straightforward activity, it often is not so. Given how the definition of personal information is evolving, organizations often have to do a detailed discovery process to precisely identify the complete list of PI they deal with
- Privacy Testing of Mobile Apps: This is a specialised offering from Arrka – via our Privacy Testing Centre. Mobile apps throw up their own unique
Data Privacy Training at Arrka:
We are the first and only accredited training provider for privacy by the Data Security Council of India (DSCI) for their flagship Privacy certification – DCPP (DSCI Certified Privacy Professional).
We provide the following training programs for privacy:
- DCPP Boot Camp: This is a 3-day intensive workshop designed to equip individuals to take the DCPP certification exam. For upcoming boot camp details please drop an email to firstname.lastname@example.org for details.
- Workshop on ‘Introduction to Data Privacy’: This is a one-day introductory workshop for individuals who want to understand what Data Privacy is all about, what is its relevance to their organization – especially from the Indian context. The program is offered as an in-house program for enterprises as well as an open program. For upcoming workshops on ‘Introduction to Data Privacy’ please drop an mail to email@example.com for details.
In addition to the structured programs above, we offer specialised, customized training and awareness programs addressing specific requirements of enterprises.
For further details, write to firstname.lastname@example.org