The need for data localization, on one hand, will increase compliance costs-forcing global organizations to setup replicas of personal data in India. On the other hand, it will also bring technology advancement and guarantee opportunities for future investment and employment, making India a true data sovereign nation.
In the backdrop of the Bill, we expect to see the construction of multiple regulatory policies, such as framework for non-personal data, data-localization, certification for digital and IoT devices, which clearly highlight the need to build a flexible data privacy framework to cater to futuristic requirements in their overarching data privacy programs. This requires strategic planning driven by the leadership and reinforcing the need to build a strong privacy task force with legal resources close knitted with the involvement from all functions and businesses of an organization.
Our broad transformation approach considers the key facets of the bill across organization’s data lifecycle: -
- Data Governance is the practice of efficiently and effectively managing data (both personal and non–personal data) to maximize business value as well as secure the data
- Data Management consists of an organization’s practices of managing personal and non– personal data in alignment with the objectives set for Data Governance
- Data Privacy and Data Protection consists of an organization’s practices of managing and securing data in alignment with applicable data privacy laws and regulations
The draft bill addresses various burgeoning issues of the personal data ecosystem in India. However, the question — whether the bill shall remain riddled with questions or shall pave way to a new trusted regime. The answer to this shall be discovered as we stride through the passage of time.