Impact of India's DPDP Act on Cybersecurity and Professional Liability

Severity: Medium (Score: 51.9)

Sources: Caclubindia, Mondaq

Summary

The Digital Personal Data Protection Act (DPDP Act) enacted in India has significantly changed the landscape of data governance, affecting various sectors including corporate governance and the accounting profession. The Act imposes stringent obligations on data fiduciaries, requiring them to ensure proper data handling and security measures. This has led to increased Directors and Officers (D&O) insurance premiums due to heightened risks associated with data breaches and compliance failures. Chartered accountants and financial professionals are now required to adapt their practices to comply with the DPDP Act, which includes obtaining proper consent for data processing and implementing robust data protection systems. The Act also introduces severe penalties for non-compliance, potentially leading to derivative claims against directors. As a result, both corporate entities and professional service providers must reassess their risk management strategies in light of these new regulations. The insurance market is responding with higher premiums and stricter underwriting criteria, reflecting the evolving risk landscape. Key Points: • The DPDP Act imposes strict data governance obligations on organizations in India. • D&O insurance premiums are rising due to increased risks associated with data breaches. • Chartered accountants must enhance compliance practices to align with the DPDP Act.

Key Entities

• Data Breach (attack_type)
• caclubindia.com (domain)
• Healthcare (industry)
• Technology (industry)