Building Harmony in Privacy Space
Under GDPR, there is a provision for the Union to declare a third country as a country to which transfer of personal data of EU citizens can be freely permitted without need for further formalities if the country has been assessed for adequate data protection regulations. As we have discussed in our previous article despite …
Read More Principles of Transfer under GDPR…Beyond AdequacyOne of the key concerns associated with EU data protection regulations is the possibility of a transfer of data from EU to India for processing being blocked by virtue of the legislation. This threat was present in the Data Protection days and will continue in the GDPR days. However, in order to understand the impact …
Read More Principles of Transfer under GDPR… AdequacyPrivacy protection regime has been aggressively pursued by EU for a long time. GDPR is an extension of this aggression where the penalties proposed are threatening. Hence though the principles of privacy protection envisaged under GDPR is commendable, there is discomfort on the attempt to impose extraordinary penalties. The global community is worried that the …
Read More Does GDPR impose a conflict with Indian Jurisdiction?The first question that an Indian Company needs to satisfy for itself is whether it is at all exposed to the provisions of the dreaded GDPR and if so whether there is need to respond. It must be clarified that Indian Companies appreciate the principle of Privacy and the need to protect privacy in data …
Read More GDPR Exclusion Shield is required for Indian CompaniesIndian IT industry has a high stake in the outsourced business from US and EU, UK markets. A good part of this outsourced business involves processing of “Personal Data” of data subjects of the respective country. As regards US, India has many processors who process health data and are accustomed to complying with HIPAA and …
Read More GDPR Risk.. Shareholders and Auditors may question the management. Are you ready?GDPR (General Data Protection Regulation) introduced by EU in replacement of the Data Protection regime hither to in place has opened up a debate on whether it is an “Opportunity” or a “Threat”. IDC predicts (Refer article here) that a substantial opportunity would be created for security and storage software vendors since the severity of …
Read More Is GDPR a $3.5 billion opportunity?… or threat?In a bid to continue the legacy of naavi.org as an endeavour to “Build a Responsible Cyber Society”, Naavi has started yet another educational website that should complement the current activities in promoting Cyber Law Compliance in IT industry in India. This new effort is to build awareness about the “General Data Protection Regulation” (GDPR) …
Read More GDPR Knowledge Center goes onlineAn amendment bill has been tabled in Australia to amend the Privacy Act 1988 to prohibit conduct related to the re-identification of de-identified personal information published or released by Government entities. (See Details here) According to the provisions of the amendment, when an agency is entrusted with de-identified information, they shall not act in any …
Read More RE-Identification could be an offence in AustraliaThe UID or the Aadhar started as an ID that could separate Indian Citizens in border areas from illegal migrants and serve the national security purpose. Subsequently, it has become a project to provide a control mechanism to reduce pilferage in Government subsidies reaching the target citizens. When the system began the only concern about Privacy …
Read More UID will now be the UHID for HealthcareThe proposed HDPSA (Health Data Privacy and Security Act) which is being worked on by the Health and Family Welfare department of the Union Government is likely to draw a lot from the HIPAA (Health Insurance Portability and Accountability Act) of USA. HIPAA was drafted around 1996 and then modified/upgraded with the HITECH Act (Health …
Read More Indian Version of HIPAA in the making…