Data Security Council of India (DSCI) is an industry body promote by NASSCOM and has developed its own framework for Privacy called DSCI Privacy Framework.
DSCI Framework is built on nine factors spread over three layers namely
Layer I: Privacy Strategy and Processes
- Visibility over Personal Information (VPI)
- Privacy Organization and Relationship (POR)
- Regulatory Compliance Intelligence (RCI)
- Privacy Contract Management (PCM)
Layer II: Information Usage, Access, Monitoring and Training
6. Privacy Monitoring and Incident Management (MIM)
7.Information Usage and Access (IUA)
8. Privacy Awareness Training (PAT)
Layer III: Personal Information Security
9. Personal Information Security
Against each of the above parameters , best practice notes have been developed.
DSCI has also developed an assessment framework called DSCI Assessment Framework (DAF-P) to assist organizations. It consists of two parts, one focussing on “Assessment of Organizational Competence” in Privacy based on nine practice areas described above and the other- Privacy Principles based Assessment focussing on global privacy principles.
Though the assessment can be conducted on a self assessment basis, DSCI is also developing empanelled auditors who can help organizations attain DSCI Certification.
DSCI has also developed a check list for self assessment by organizations for compliance under ITA 2000/8 called Section 43A-ITAA Checklist to help organizations to check their level of compliance under ITA 2000/8. (Covered separately in another section of this site).
P.S: This page may be updated from time to time with additional information. Discussions on this may also be covered in the articles on the site.