Thursday, January 28, 2021

Cyber Security | A view on Data Privacy

Data Privacy

Today, January 28, is recognized as Data Privacy Day, a relatively new but fast-growing recognition in the industry.

It is an international event, observed every year across the globe. The purpose of this day is to raise awareness of data privacy and to promote privacy and data protection.

Many countries have implemented their own standards and policies on data privacy. Europe has introduced its GDPR (General Data Protection Regulation), and others have similarly developed standards such as CIPP/E and CIPP/US by the IAPP (International Association of Privacy Professionals).

As per Wikipedia, the General Data Protection Regulation (EU) 2016/679 (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR's primary aim is to give individuals control over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. Superseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements related to the processing of personal data of individuals (formally called data subjects in the GDPR) who are located in the EEA, and applies to any enterprise—regardless of its location and the data subjects' citizenship or residence—that is processing the personal information of individuals inside the EEA.
(Source: Wikipedia: https://en.wikipedia.org/wiki/General_Data_Protection_Regulation)

In India, the data privacy act is currently in draft mode and under review. Maybe within some years it will be approved and implemented across the country. The Govt. may decide on a particular standard to follow. Besides that, however, the Data Security Council of India (DSCI), set up by NASSCOM, is working with the DSCI Security Framework to comply with many best practices. It also publishes white papers and studies. Please refer to the DSCI website for more information.

Many vendors provide services related to data privacy across the globe; their services include, but are not limited to, the following:
  • Register of data processing activities.
  • Data subject rights management.
  • International data transfers.
  • KPI / MI dashboard reporting. 
  • Policy and procedures maintenance.
  • Privacy Shield compliance assurance.
  • Data mapping. 
  • Privacy compliance assessments and Internal audits.
  • BCR application and maintenance. 
  • Monitoring of codes of conduct/certifications. 
  • Training.
  • Privacy crisis and incident management.
  • Shadow regulatory audits.
  • Risk Management
  • Privacy assessment
  • Breach Management
  • Records Management
  • Designing and implementing privacy practices that minimize risks associated with the collection of personal data
  • Data protection impact assessments
  • Data privacy process planning services
  • Document review and drafting services
  • Data protection gap analysis services
  • Personal data mapping services
  • Privacy user services
- DR
