Courses >DPA

The Data Protection Act of India

Contact 

87677 66325

70459 27979

  • The Bill related to Data Protection Act will soon be tabled in the Parliament and it will take the form of Data Protection Act, which will be applicable to Data Fiduciary and Data Processors who collect, process and store personal data of  their clients , customers, vendors etc.

  • GET READY TO DEAL WITH THE STATUTORY REQUIREMENT

This course includes 

25  hours Instructor led Classroom training

Complete Data Protection Act Coverage

Glimpse into Information Technology Act

Module on Technological aspect of Data Protection Act

Quality training by Certified CISA Practitioners and  experts from IT Security industry 

Intended Participants

Top Management

Compliance Officers/Managers

Data Protection Officers

Chartered Accountants 

Chief Risk Officer / Risk Officers

IT Security Heads / CISO

Chief Privacy Officers

IT Security Consultants

Course Outline

Short title, extent and commencement.—

  • Application of the Act to processing of personal data

  • Definitions.—In this Act, unless the context otherwise requires,

  • DATA PROTECTION OBLIGATIONS

  • Fair and reasonable processing

  • .Purpose limitation

  • Collection limitation.

  • Lawful processing.

  • Notice.

  • Data quality.

  • Data storage limitation.

  •  

GROUNDS FOR PROCESSING OF PERSONAL DATA

  • Processing of personal data on the basis of consent

  • Processing of personal data for functions of the State.

  • Processing of personal data in compliance with law or any order of any court or tribunal.

  • Processing of personal data necessary for prompt action.

  • Processing of personal data necessary for purposes related to employment.

  • Processing of data for reasonable purposes.
     

GROUNDS FOR PROCESSING OF SENSITIVE PERSONAL DATA

  • Processing of sensitive personal data based on explicit consent.

  • Processing of sensitive personal data for certain functions of the State.

  • Processing of sensitive personal data in compliance with law or any order of any court or tribunal.

  • Processing of certain categories of sensitive personal data for prompt action.

  • Further categories of sensitive personal data

PERSONAL AND SENSITIVE PERSONAL DATA OF CHILDREN

  • Processing of personal data and sensitive personal data of children
     

DATA PRINCIPAL RIGHTS

  • Right to confirmation and access.

  • Right to correction, etc.

  • Right to Data Portability.

  • Right to Be Forgotten.

  • General conditions for the exercise of rights

TRANSPARENCY AND ACCOUNTABILITY MEASURES

  • Privacy by Design.

  • Security Safeguards.

  • Personal Data Breach

  • Data Protection Impact Assessment.

  • Data Audits.

  • Data Protection Officer

  • Processing by entities other than data fiduciaries.

  • Classification of data fiduciaries as significant data fiduciaries.

  • Grievance Redressal.

 

 TRANSFER OF PERSONALDATA OUTSIDE INDIA

  • Restrictions on Cross-Border Transfer of Personal Data.

  • Conditions for Cross-Border Transfer of Personal Data.

EXEMPTIONS

  • Security of the State.

  • Prevention, detection, investigation and prosecution of contraventions of law

  • Processing for the purpose of legal proceedings.

  • Research, archiving or statistical purposes

  • Personal or domestic purposes.

  • Journalistic purposes.

  • Manual processing by small entities.

 

DATA PROTECTION AUTHORITY OF INDIA

  • Establishment and incorporation of Authority..

  • Composition and qualifications for appointment of members

  • Terms and conditions of appointment.

  • Removal of members. Powers of the chairperson

  • Meetings of the Authority.

  • Vacancies, etc. not to invalidate proceedings of the Authority.

  • Officers and Employees of the Authority.

  • Grants by Central Government.

  • .Accounts and Audit

  • Furnishing of returns, etc. to Central Government.

  • Powers and Functions of the Authority

  • Codes of Practice.

  • Power of Authority to issue directions

  • Power of Authority to call for information.

  • Power of Authority to conduct inquiry.

  • Action to be taken by Authority pursuant to an inquiry.

  • Search and Seizure

  • Coordination between the Authority and other regulators or authorities

  • Appointment of Adjudicating Officer

 

PENALTIES AND REMEDIES

  • Penalty for failure to comply with data principal requests under Chapter

  • Penalty for failure to furnish report, returns, information, etc

  • Penalty for failure to comply with direction or order issued by the Authority.

  • Penalty for contravention where no separate penalty has been provided

  • Adjudication by Adjudicating Officer

  • Compensation.

  • Compensation or penalties not to interfere with other punishment

  • Data Protection Funds.

  • Recovery of Amounts.

 

APPELLATE TRIBUNAL

  • Establishment of Appellate Tribunal.

  • Qualifications, appointment, term, conditions of service of members.

  • Staff of Appellate Tribunal.

  • Distribution of business amongst benches.

  • Appeals to Appellate Tribunal

  • Procedure and powers of Appellate Tribunal

  • Orders passed by Appellate Tribunal to be executable as a decree.

  • Appeal to Supreme Court of India

  • Right to legal representation.

  • Civil court not to have jurisdiction.

 

OFFENCES  

  • Obtaining, transferring or selling of personal data contrary to the Act

  • Obtaining, transferring or selling of sensitive personal data contrary to the Act

  • Re-identification and processing of de-identified personal data.

  • Offences to be cognizable and non-bailable

  • Power to investigate offences.

  • Offences by companies.

  • Offences by Central or State Government departments.

 

TRANSITIONAL PROVISIONS

  • Transitional provisions and commencement.

 

Power of Central Government to issue directions in certain circumstances.

  • Members, etc., to be public servants.

  • Protection of action taken in good faith.

  • Exemption from tax on income

  • Delegation.

  • Power to remove difficulties

  • Power to exempt certain data processors

  • No application to non-personal data

  • Bar on processing certain forms of biometric data

  • Power to make rules

  • Power to make regulations.

  • Rules and Regulations to be laid before Parliament

  • Overriding effect of this Act

  • Amendment of Act 21 of 2000.

  • Amendment of Act 22 of 2005.

  • THE FIRST SCHEDULE

  • THE SECOND SCHEDULE

 

Contact Us/  Inquiry

Contact 

87677 66325

70459 27979

  • Risk Policy & Assessment

  • NIST’s Risk Assessment Methodology

  • Steps to Assess Risks at Work Place

  • Cost/Benefit Analysis

  • NIST Approach for Control Implementation

  • Risk Analysis

  • Risk Mitigation

  • Residual Risk

  • Risk Management Tools

  • What is CSIRT?

  • Analyzing the need of Incident Response Team (IRT)

  • CSIRT Goals, Strategy, and Vision

  • Common Names of CSIRT

  • CSIRT Mission Statement, & Constituency

  • CSIRT Place in the Organization

  • CSIRT Relationship with Peers

  • Types of CSIRT Environments

  • Best Practices for creating a CSIRT Role of CSIRTs

  • How CSIRT Handles a Case

  • Roles in an Incident Response Team

  • CSIRT Services

  • CSIRT Incident Report Form

  • Incident Tracking and Reporting Systems

ABOUT US

With the collective experience of almost 100 years of our Directors  in the field of Banking , Auditing , IT Security, Risk Management, Cyber Crime Investigation and Forensics, we have a distinct edge over our competitors.

ADDRESS
SIDR Solutions & Technologies

908, 9th Floor, IJMIMA  Commercial Complex, Behind INFINITY Mall,

Link Road, Malad(W), Mumbai

Contact No.

+91 7045927979 

+91 8767766325

+91 9820072439

CONTACT FOR MORE INFO

© 2019, SIDR Solutions & Technologies Pvt. Ltd.