Category Archives: Cyber Law

Under HIPAA we use a term “Protected health Information” to denote that health information that is within the provisions of the Act. It also means that there are other health information which is not coming under HIPAA. Only the information … Continue reading →

On December 27, 2024, the office of Civil rights (OCR) at the US department of Health and Human Services (HHS) issued a Notice for Proposed Rule Making (NPRM) to modify HIPAA Security Rule. Public comments can be submitted upto 7th … Continue reading →

The DPDPA as an act has been in place for now over 16 months. The excuse “Rules are not notified” has begun to fade with the notification of the “Draft Rules”. Habitual procrastinators may still find excuse that the draft … Continue reading →

We have already discussed the status of Business Contact Address under DPDPA 2023 earlier and categorically held the view that a) We cannot determine the nature of an email as personal or business with reference to the domain name attached … Continue reading →

One of the most discussed provisions of the DPDPA Rules is the rule 10 and 11 related to the handling of personal data of a minor. As per the Act, a data fiduciary intending to process the personal data of … Continue reading →

The DPDPA Rules on Consent Manager (Rule no 4 with Schedule 1) is disappointing since it indicates that the ministry is stuck with its concept of account aggregator and has failed to go beyond the myopic view that the consent … Continue reading →