EDITORIAL
From the desk of Chief Executive Officer,
Every industry today is experiencing a lot of regulations around data protection and privacy. We initially had a very strong framework in the form of “General Data Protection Regulation” which is the GDPR for the European Union. Then there were a couple of regulations in the USA and others have already been existing across other countries such as Australia and Singapore. India is also at the cusp of getting its own India data protection regulation and it needs to be seen how all these will converge and ensure that citizen's data is protected globally by each country that processes the data.
It is not just about the fines and penalties that try to achieve and ensure regulations are complied with. It's really about reputation and the overall corporate governance, tone at the top, and making people realize that my business is vulnerable if I am not compliant. A message needs to go out to the citizens that our business is careful about processing your data and in a very respectful manner. That is really the crux of corporate governance when it comes to data privacy. Unlike technical control such as encryption and access management which are easier to comply with, it's really the business objective, the business models, and how these are defined that will really separate good businesses from bad businesses.
So let us welcome the new regulations in India. And hope that it achieves this intended objective of putting some pressure on businesses, small or large, in making sure that data processing is in compliance with the laws of the land and ultimately upholds the fundamental rights of an individual.
Enjoy the Newsletter and lets together celebrate Data Privacy Day
- Manoj Jain
Articles
Emerging Privacy Enabling Technologies in Healthcare industry: A “PET” Project
Sucheta Upendra
SVP – Information Security, Riskpro India
The Healthcare industry has witnessed an enormous digital transformation in recent years. Especially post COVID-19, the adoption of digital technologies is increased in areas such as virtual consultation and contact tracing by public health organizations. At the same time, regulators across regions have released specific guidelines and sometimes even updates in regulations to protect the health data and rights of the patient. Governance and procedural controls and even traditional IT controls provide limited protection and assurance to comply with such guidelines. Organizations now rely more and more on ‘Privacy-Enhancing Technologies (PETs).
Customer-Centric Approach
Vivek Dixit
EVP – Risk Management and Governance Advisory, Riskpro India
Everyone in business expects to get customers or clients. Normally if a product is sold then the buyer is called a customer, while if a service is sold, the buyer of the service is called a Client. Everyone expects a smooth relationship with the customer or client. But does it happen that way? Maybe a few times yes, many a time No. Why? In my view only because the customer or client was not the focus. The focus was the transaction, the sale. In this article, I am trying to highlight a few areas, and facts and help you as a Reader to be more informed to make your decisions.
Data Privacy – 2022 and Beyond
Swati Phadke
VP – IT Risk Advisory, Riskpro India
The last 2 years have seen extraordinary changes and challenges in the world, impacting every aspect of our lives. The relentless rate of change in the risk and regulatory environments for data privacy only increased in 2021. Considering the ever-exciting new technologies, innovations around data we should certainly expect increasing new opportunities, risks, and hence vulnerabilities in 2022. The current scenario demands a progressive, risk-based, and globalized strategy towards data privacy. Now that 2021 has come to a close, let us look back at the major happenings around data privacy in 2021. Also, let us see what can we expect for data privacy in 2022?
Data Privacy in Times of Covid 19 And Its Impact on Organizations
Sonakshi Sinha
Manager Legal and Data Privacy, Riskpro India
In this article, we focus on data protection and privacy, and how organizations may have to act to the changing scenario during the COVID-19 pandemic. The quick digital transition created by the effects of Covid-19 poses a significant compliance challenge, especially given the prevailing attitude of organizations towards data privacy compliance. Due to a lack of ability to deal with data privacy and protection in the wake of Covid-19, data privacy, security, and management have become a major problem for most organizations
ABOUT RISKPRO
Riskpro India Ventures Private Limited ("Riskpro India") is a specialized Risk Management consulting company in India. It is managed by experienced professionals with experiences across various industries. Hence since 2011, Riskpro has been actively involved in providing effective risk management services. We are a growing organization with well-qualified professionals and a pool of talented resources.
With offices and clients in Mumbai and people and clients in Delhi, Bangalore, Chennai, Pune, Hyderabad, and Kolkata, we are one of the fastest-growing risk consulting firms in India. We also have client presence in UAE/ USA/ Singapore/ Australia/ UK/ Europe etc. We are in 11+ years in business, serviced 600+ clients in 7 cities, with 45 cities associate representation, 75 team members, and 10 Strategic partners.
Riskpro Service Offerings
Riskpro can assist your organization in various services provided through our 4 verticals:
- Advisory & Assurance – We conduct Risk-based internal audits, IT audits, Personal Data Protection compliance reviews, SOPs, ERM, legal compliance audits, GDPR, SSAE18, IFC, Risk Library, etc.
- Technology – We provide software for Legal Compliance management, Internal Audit, Risk management, Contract Management, Insider Trading, Third-Party Risk Management, Robotic Process Automation (RPA), etc. through our technology partner firms.
- Training – We conduct in-person/online training on topics like ERM, Risk assessment, AML, Fraud risk, Information security, ISO 27001, ISO 31000 among others.
- Recruitment - We provide full/part-time internal auditors, Virtual risk managers, and Independent directors for corporates.
To learn more visit, www.riskpro.in