The overall understanding on privacy is evolving rapidly round the world. EU (proposed revision of Data Protection Directive), US (Consumer Privacy Bill of Rights) and OECD (Privacy Principles) are debating changes to existing privacy regimes in the wake of technology and globalization challenges to privacy that have emerged over the last two decades. In India too, the rules u/s 43A of the IT (Amendment) Act, 2008 detail the expectations in privacy. A comprehensive Privacy bill is in the making triggered by privacy concerns in the government projects such UID and NATGRID.
Organizations are taking steps to address growing privacy concerns and are integrating privacy in their policies and functions. Mechanisms & techniques such as Privacy audits, Privacy risk assessments, Privacy Impact Assessments, Gap assessments etc. are being increasingly adopted by organizations.
DSCI has developed a privacy framework – DPF© – comprising 9 practice areas, which helps an organization implement privacy protection in its processes, and across the entire organization. It also sets out privacy principles, which are almost universally applicable irrespective of geographical privacy laws. The best practices under these areas have been seen to generate value to organizations in pilot implementations and help them to mature in their overall privacy initiative. While a data-centric methodology guides DPF implementation through its focus on information visibility and risk assessment, a key requirement for its adoption is the assessment process for certification and/or rating or a Privacy Seal.. The seal or certification thus generated can enable organizations to demonstrate their compliance with legal requirements of a particular geography, which might provide an edge to them in their business endeavors.
DSCI has set up the Privacy Assessment Advisory Group (PAAG) to seek guidance for development of an appropriate assessment process with a view to create a DSCI Privacy Seal/Certification. Member of the Advisory Group will guide us in developing an appropriate assessment process with a view to creating a DSCI Privacy Seal (or DPF Privacy Seal).
(Listed in alphabetical order)
|Mr. Akhilesh Tuteja||Partner, Head of IT Advisory||KPMG|
|Mr. Baljinder Singh||Global Head of Technology, Information Security and Business Continuity||EXL Services|
|Mr. B.J. Srinath||Senior Director||CERT-In, DeitY|
|Mr. Felix Mohan||Senior Vice President & Global Chief Information Security Officer||Bharti Airtel|
|Mr. Hitesh S. Barot||Vice President -Technology Policy||GE|
|Dr. Neena Pahuja||Chief Information Officer||Max Health Care Institute|
|Mr. Pazhamalai Jayaraman||Chief Information Security Officer & General Manager- Information Risk Management and Policy Compliance||Wipro|
|Mr. Rajeev Chopra||India Legal Lead||Accenture|
|Mr. Rajesh Dalal||Vice President- Technology||Make My Trip|
|Mr. Sivarama Krishnan||Executive Director- Risk Advisory Services||PwC|
|Mr. S. Mukhopadhyay||GM & Chief Information Security Officer||SBI|
|Mr. Srinivas Poosarla||Associate Vice President and Head (Global), Privacy & Data Protection||Infosys|
|Mr. Vakul Sharma||Advocate Supreme Court||Vakul Corporate Advisory|
|Mr. Vipin Aggarwal||Global Lead- Data Privacy and Intellectual Property||Genpact|
|Mr. Vishal Salvi||Chief Information Security Officer||HDFC Bank|
|Mr. V. Sivasubramanian||Director-Strategic Planning||National e-Governance Division|