National Digital health Mission shows the way.. Be Ready before PDPA becomes effective

India is entering the global order of Privacy Protection with the enactment of “Personal Data Protection Act” some time in 2021 when the Bill (PDPB 2019) will be presented to the Parliament.

Even while a section of the industry is working at delaying the passage of the Bill, the Government is silently working at implementing the provisions of the proposed bill in its National Digital Mission without waiting for the Bill to be passed, DPA to be constituted etc.

This approach is consistent with the law in India since Information Technology Act 2000 (ITA 2000) already has provisions under Section 43A.  This provision of ITA 2000 mandates protection of sensitive personal data under “Reasonable Security Practice”.

“Reasonableness” under Section 43A can be extended to “Due diligence” which includes the general legal development in the country that India is shortly enacting a comprehensive personal data protection Bill which will expand and replace Section 43A of ITA 2000.

The fact that PDPB 2019 is the “Due Diligence Prescription under Section 43A of ITA 2000” is the reality and though the penal provisions of the law may not be effective as at this time, the principles of personal data protection under PDPB 2019 are applicable as of now as part of Section 43A of ITA 2000. This has been rightly recognized by the Ministry of Health which has adopted the emerging law into its NDHM project through a comprehensive ” Health Data Management Policy”.

Since this policy indicates how other sectoral regulators may also think of advancing the implementation of PDPB 2019 without waiting for the formalities of its passage into a law, we can explore this policy is greater detail along with the other details of the NDHM through a series of articles.

Watch out for more information

Naavi

( To be continued)

All Articles in the series:

1.National Digital health mission shows the way… Be Ready before PDPA becomes effective

2.NDHM is a trend setter… Get started early on the Privacy Protection journey

3.Consent Management under NDHM

4. NDHM-Health Management policy Objective need not be linked to ISO standard

5.Managing IDs in NHD ecosystem

6. Data Fiduciaries under NDHM

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.