Enforcement of DPDP Act 2023
On August 11, 2023, the Indian Government published the Digital Personal Data Protection Act 2023 in the official Gazette. The enforcement date of the said DPDP Act 2023 is being reserved for a future date and according to a news report, different portions of the Act will come into force after the IT Ministry has to prescribe further DPDP rules and notification for enforcement and the IT Minister Mr Rajeev Chandrasekhar said in a press conference that, the adjudicatory body i.e. The Data Protection Board which is responsible for hearing complaints and appeals of Data Principals will be set up within the end of October 2023. The IT Minister has also strictly mentioned that no longer than a year will be provided for compliance with the DPDP Act 2023.
Appointing a qualified Person as a DPO:
To address the complex compliance requirements of the new act and according to the legislative mandate under Section 10 (2) of the DPDP Act 2023 companies operating in India are required to appoint a Data Protection officer. There is a huge surge in demand for hiring highly qualified Data Protection officers (DPO) and the demand is expected to grow with time since the cost of non-compliance of the said DPDP Act 2023 can draw huge fines amounting to 250 crores INR. To corroborate the above statement a research survey report was put together by Job searching website Foundit and the said survey has found that the demand for the role of Data Protection officers has increased by 32 per cent in the past 2 years and this figure is expected to double as the enforcement date of the act is nearing.
.Because the substantial part of the DPO job involves a proper and holistic understanding and expertise in cyber security and Data Protection practices and the same cannot be acquired by the bare reading of Data Protection legislation, for instance, the same survey by Foundit also mentions that the availability of persons applying for DPO roles are also increased by 21 percentage and it is highly impossible to choose to a right candidate from a pool of large number of applicants.
Importance of appointing a C- DPO (India) certified Data Protection officer:
The compliance requirements under DPDP Act 2023 are highly complex and it is expected that the upcoming rules of DPDP Act 2023 will provide stringent procedural requirements which will further complicate the journey of compliance. The only practical solution is to hire a C- DPO (India) certified Data Protection officer
To understand the seriousness of the above situation and to stress the importance of hiring a C- DPO (India) Certified Data Protection Officer it is essential to learn about the compliance requirements which is mandated for DPO under the DPDP Act 2023:
- According to Section 6 (3), the Contact details of the Data Protection Officer shall be published while the request for consent is being presented to the Data Principals and the said Data Protection Officer is obliged to properly communicate and assist the Data Principals in exercising their rights mentioned in the DPDP Act 2023.
- According to 8(9), the Data Protection officer shall answer to the Data Principal on behalf of the Data Fiduciary the questions regarding the processing of personal data of the Data Principal
- According to Section 10 (2), the Data Protection Officer shall be responsible for the Board of Directors governing Significant Data Fiduciary and act as a point of contact for the grievance redressal mechanism established under the provisions of the DPDP Act 2023.
To enforce the above compliance requirements and other compliance requirements which are to be published under DPDP Rules, it is cardinal to appoint a well-qualified and Certified Data Protection Officer.
To address this unique problem, Tsaaro Academy offers a tailor-made and comprehensive course on the Indian Privacy Law known as C- DPO (India). It is important to understand that any person can learn and remember all 44 sections under the DPDP Act 2023, but it is impossible to practically perform the compliance requirements mentioned under the said Act.
To overcome this problem, hiring a C- DPO (India) Certified Data Protection Officer is Paramount. The contents of the course dive deep into the day-to-day responsibilities of DPO including how to draft a consent Notice and how to understand and appoint a consent Manager to act on behalf of Data Principals.
The course content is structured with practical exercises ranging from:
- Mapping Territorial and Material Application of DPDPA using case – scenario analysis
- Analyzing the Processing Activities by matching them with proper Lawful grounds.
- Drafting scenario-based Privacy Notices
- Drafting Internal Data Protection Policy and Data Retention Policy
- Drafting a Data Principal Rights Management Manual and Management Workflow and Data Breach Management workflow in case of a Data breach
- Learning the practical intricacies of DPIA, and ROPA and conducting a proper DPIA and ROPA
- Conducting a Vendor Risk Assessment and classifying the vendors from low to high-risk metrics and learning how to classify such metrics.
Apart from the Practical Exercises, to get certified as a C – DPO (India) Certified Data Protection Officer one must complete a 2-hour MCQ-based examination which predominantly consists of Scenario and conceptual questions.
So, if a person who is being certified as a C- DPO (India) is well versed in the day-to-day job responsibilities of a Data Protection officer it is the wise choice to hire such a highly qualified, technically sound C- DPO (India) certified Data Protection officer as your company’s DPO for navigating the complex journey of DPDP Act 2013 compliance.
Why choose Tsaaro Academy for a Better Future?
The courses offered by Tsaaro Academy offer flexible learning, personalized guidance, immersive experiences, a supportive community of alumni network, and career-boosting skills. The course content is being drafted by experts with prior experience in their respective fields, so the contents of the course naturally provide real-world knowledge, engaging content, and hands-on training, guaranteeing practical relevance as well as strengthening career prospects for the students in the future.
Whom to contact and how to get started?Tsaaro Academy has got you covered. Apart from C- DPO(India ) certification, Tsaaro Academy offers other industrially accredited certifications including C- DPO ( Practitioner), CISM, PECB courses, CEH(v12) etc. If you are interested in pursuing the above-mentioned courses or you are interested in choosing Tsaaro Academy for getting ISO 27001 Lead Auditor or Implementer certification, visit our Tsaaro Academy website for further details. Consult our knowledgeable tutors for advice.