Digital Personal Data Protection Act 2023

The Digital Personal Data Protection Act, 2023 (DPDP Act) is an Indian law that regulates the governance of personal data collected by organizations, with the objective of providing standards for handling digital personal data in a way that respects both people's rights to privacy protection and the need to handle personal data legally. The DPDP Act prescribes penalties for non-compliance with its provisions, ranging from up to INR 10,000 to up to INR 250 Crores for different offences, depending on the nature and severity of the breach. The DPDP Act also prescribes duties for data principals, such as not impersonating another person, not suppressing material information, furnishing only verifiably authentic information and not making frivolous complaints. The DPDP Act lays down principles for data processing, such as lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, accountability and security. The General Data Protection Re...

The Digital Personal Data Protection Act, 2023 (DPDP Act) is a new law that regulates the processing of personal data in India. It aims to protect the privacy rights of individuals and create a framework for data governance and accountability. The DPDP Act will have a significant impact on the Indian healthcare industry, which is still in its early stages of digital evolution. Some of the key impacts are: ·          The DPDP Act will require healthcare providers and entities to obtain explicit consent from data principals (individuals whose data is processed) before collecting, using, or sharing their personal health data, which is classified as sensitive personal data under the law. ·          The DPDP Act will also mandate healthcare providers and entities to implement appropriate security measures, conduct data protection impact assessments, appoint data protection officers, and comply with the codes ...