Geo Focus: Asia , Geo-Specific , Governance & Risk Management

Indian Firms Struggle to Find a Budget for DPDP Act Prep

Privacy Experts Abha Tiwari and Sunny Athwal Share Their Data Protection Journey
From left: Abha Tiwari, data protection officer, Vistara, and Sunny Athwal, chief privacy officer, HCL Technologies

Organizations in India are ramping up efforts to comply with the new Digital Personal Data Protection Act. But without the law being officially enforced, budget and hiring constraints make it challenging to allocate sufficient resources, said a panel of experts.

See Also: Using the Netskope HIPAA Mapping Guide

Another critical hurdle is hiring qualified data fiduciaries who can manage compliance. said Sunny Athwal, chief privacy officer at HCL Technologies. "One of the uncertainties has definitely been who is going to be considered a significant data fiduciary because that is definitely one area of the law has quite a high compliance burden," Athwal said.

Abha Tiwari, data protection officer at Vistara, pointed out the challenges of consent management. "When we look at India, the two bases that we have are legitimate use and consent." But Tiwari added that managing ongoing services that require ongoing consent is complex, "How often do you have to refresh these consents?" This operational complexity creates additional demands on companies struggling with multiple privacy frameworks, she said.

In this panel discussion with Information Security Media Group, Tiwari and Athwal also discussed:

  • The impact of global data privacy norms on India's DPDP Act;
  • Potential risks and penalties under the DPDP Act for data fiduciaries;
  • Strategies for organizations to build adaptable privacy frameworks.

Tiwari, who leads data protection at Vistara, which will soon be Air India, has more than 14 years of experience working as in-house counsel for a major auto manufacturer. She has been invited to be part of the privacy leadership forum of Data Security Council of India. Her profile currently ranges from policy matters to hands-on experience in deploying and executing data privacy framework management at various levels of the organization, while crafting a balance between the applicable privacy laws in different jurisdictions.

Athwal, part of the risk and compliance leadership group, serves as chief privacy officer and leads the global privacy office and the strategic partner for the European region at HCLTech. She also manages the regulatory risk program responsible for deploying industry best practices and procedures to ensure compliance with applicable laws.


About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.