Appropriate Measures to Control Access to Computer Resources
Controlling access to computer resources is critical to preventing unauthorized access to personal data.
Appropriate Data Security Measures Under Rule 6(a)
To comply with the obligation to implement reasonable security safeguards, companies should adopt a combination of technical and organizational measures. Below is a detailed list:
Suggested Template to publish Business Information of Data Protection Officer (DPO)
In accordance with the Digital Personal Data Protection Act, 2023, the following details are published for the Data Protection Officer (DPO) designated by [Company Name] to oversee data protection compliance and handle grievances related to personal data processing.
Suggested Mechanism to Redress Grievances of Data Principal
To effectively redress grievances of Data Principals under the Digital Personal Data Protection Act, 2023 (DPDP Act), a company should implement a clear, accessible, and time-bound grievance redressal mechanism. Below are practical, compliant, and user-friendly mechanisms:
Additional obligations of Significant Data Fiduciary
This provision outlines additional obligations imposed on a Significant Data Fiduciary (SDF)—a category of Data Fiduciary that handles large volumes of sensitive personal data or has a high impact on national or public interest.
Rule 10: Verifiable consent for processing of Personal Data of a Child
This clause outlines the obligations of a Data Fiduciary (an entity that determines the purpose and means of processing personal data) with respect to obtaining verifiable consent before processing the personal data of children or persons with disabilities who have a lawful guardian, under the applicable data protection framework in India.
Compliance Under Rule 7 – Intimation of Personal Data Breach
On becoming aware of any personal data breach, the Data Fiduciary shall, without delay and to the best of its knowledge, inform each affected Data Principal in a concise, clear, and plain manner
Responsibilities of Data Fiduciary under Digital Personal Data Protection Act
Under the Digital Personal Data Protection Act, 2023 (DPDP Act) in India, a Data Fiduciary plays a central role in ensuring the lawful and responsible processing of personal data.
Reasonable Security Safeguards to be Followed under Digital Personal Data Protection Rules
Data Fiduciary is required to comply with reasonable security safeguards to ensure protection of personal data of Data Principal in its possession or under its control.
Discontinuation of the Term “100%” on Food Labels and Promotional Materials
FSSAI has observed an increasing trend of food businesses using the term “100%” on labels and advertisements. This term is not defined under any current food law and may mislead consumers by suggesting absolute purity or superiority, contrary to regulatory intent.