DSCI started functioning as an independent company with its own Board, and a small core team comprising technical experts, guided by the Steering Committee in August, 2008. Their guidance has enabled DSCI define its mission, which in turn helped it draw up a Work Plan, with a practical approach for involving the industry through our Content Aggregation Program. This program comprises mapping of regulations into controls, and deriving best practices from the same. The Best Practices for Data Security and Data Privacy have been developed using the experience of ISO 27001 security standard, and OECD Privacy Principles, and that of government framework implementation like FISMA in the USA; as also the recommendations of analysts and tactical guidelines emerging over the last few years. The best practices will enable a service provider in India to be not only in compliance with regulatory requirements, but also make them really secure.
DSCI engaged with stakeholders in the US, the UK, European Union and some other countries to make them aware of the emphasis on security and privacy practices by the Indian IT/BPO industry. This was through presentations to, and discussions with, data protection authorities and clients in a number of seminars and workshops.
DSCI engaged with the IT/BPO industry during the year through a number of security awareness seminars and workshops, and on the need for best practices and standards for enhancing their trustworthiness. The industry has responded favorably to the DSCI Data Protection Approach based on best practices, and its aim of becoming a self-regulatory organization.
DSCI is presently implementing a number of pilots, using its frameworks – DSF© and DPF© – with a number of IT/BPO companies.