Yesterday we had an interaction with a large group of CIOs in Coimbatore and discussed the DGPSI framework as a solution to DPDPA compliance.
As a part of the discussion, a need has emerged for considering the manufacturing industries with only B2B services as a separate category/sector for which DPDPA compliance has to be specifically designed.
The DGPSI framework already has one simpler version called DGGPSI Lite with 36 implementation specifications and DGPSI Full with 50 implementation specifications.
Both frameworks are applicable across different sectors including manufacturing sector. DGPSI full version also addresses some Data Governance issues while DGPSI Lite is limited to DPDPA compliance.
While implementing these frameworks for manufacturing industries, the fact that their exposure to personal data processing is limited to employees is already factored in. In case the manufacturing industry has retail stores or e-commerce websites, their exposure to DPDPA 2023 increases.
However there are many industries who donot have e-commerce and donot have retail sales and hence their encounters with personal data is limited to employees, current, prospective and past.
Considering these restricted exposure of B2B companies, the DPDPA Gap assessment as well as implementation has been simplified leading to an assessment which is named “B2B-DTS”.
Hopefully this will enable a large number of eligible industries of this category meet the compliance certification quickly without the rigorous requirements of a company which has personal data collections on a large scale from consumers.
Companies interested in such assessments may contact Naavi/Ujvala Consultants Pvt Ltd for more information.
Naavi
