Cyber Law Compliance Center
Promoted by www.naavi.org
Contact: naavi@fdppi.in
Naavi’s Cyber Law Compliance Center in its pursuit to promote Cyber Law aware and compliant society in India provides certain policy documents as model for adoption by intending individuals or organizations.
The suggestions are purely voluntary and donot carry any warranty.
It must be noted that these suggestions may not fully satisfy the legal requirements of “Due Diligence” under ITA 2000/8 though are expected to be a significant step in this direction.
The interpretation of what is “Sufficient Due Diligence” in any specific context will be determined by the judicial authorities adjudicating the matter based on the circumstances relevant to the respective incident.
In general every IT user and Organization in India is expected to take such Managerial, Technical, Operational and Physical security controls necessary for securing Information under their control.
The suggestions made here in are to be considered as a suggested Standard under development for Techno Legal Information Security viz: Indian Information Security Standard (IISF-309) being promoted by Naavi entirely as a public interest project. These donot constitute legal advice.
We donot claim that these suggestions have any approval of any Government authority and compliance of what is suggested is purely voluntary.
Neither this center nor Naavi or any of his associates undertake any liability for any person who may suffer a damage on account of following these suggestions.
Information about Naavi and his activities are documented in the website www.naavi.org and other associated websites.
Documents Available as Model Policies for Adoption
1(a): Whats App terms for FDPPI groups
2.Data Breach Notification Policy
5. Model Work From Home Undertaking
6. Deceased Data Principal-Policy for handling data
To be added
- Nomination policy under DPDPA
- Employee Undertaking under DPDPA
- All Earlier policies drafted under ITA 2000 will be revised keeping DPDPA into consideration