DPDP Compliance · 27 articles

DPDP Compliance

DPDP Act 2023 obligations, breach response, rights fulfilment, sector overlays.

Academy

Module 7 · Data Discovery and Classification — Automated Approaches

Why this module exists. Manual data classification fails. Survey-based “where is sensitive data” produces inventories that miss 40-60% of actual locations. Modern…

May 14, 2026 · 3 min read
Academy

Module 5 · DLP at Scale — Endpoint, Network, and Cloud

Why this module exists. Indian enterprises commonly buy DLP licences and never tune them effectively. The deployment runs in monitor-mode forever, alerts…

May 14, 2026 · 4 min read
Academy

Module 6 · Encryption Strategy — At Rest, In Transit, In Use

Why this module exists. “We encrypt everything” usually means “we encrypt some things at some layer, with key management we haven’t audited.”…

May 14, 2026 · 3 min read
Compliance

DPDP Rules 2026 Notified — What Changed from the Draft, What Every Indian Data Fiduciary Must Operationalise Now

The DPDP Rules under MeitY notification clarified consent format, breach notification timelines, SDF criteria, and cross-border transfer regime. What changed from the…

May 8, 2026 · 7 min read
Compliance

DPDP Penalties Decoded: How the ₹250 Crore Maximum Actually Gets Calculated

The DPDP Act ₹250 crore penalty maximum is a ceiling, not a fixed amount. The Data Protection Board calculates actual penalties against…

May 7, 2026 · 9 min read
Compliance

DPDP Section 8 Decoded: The Eight Obligations Every Indian Data Fiduciary Must Meet

A practical breakdown of DPDP Act §8(1)–(8) — security safeguards, breach notification, retention, grievance redressal, child data, and SDF duties. With audit-evidence…

May 7, 2026 · 9 min read
Academy

Data Classification and Labelling Programme

Building a data classification programme that engineering and business actually adopt — taxonomy, labelling tools (MIP, Google Drive labels), enforcement, DLP integration,…

Apr 26, 2026 · 3 min read
Academy

Privacy Engineering — Tokenisation and k-Anonymity

Privacy-preserving primitives — tokenisation, format-preserving encryption, k-anonymity, l-diversity, differential privacy — when each applies, the engineering trade-offs, and DPDP §10 implications.

Apr 26, 2026 · 3 min read
DPDP Compliance

Incident Response Runbook: Data Exfiltration Under DPDP (India)

Data exfiltration incidents were difficult enough before the DPDP Act 2023. Now they carry statutory teeth: notification obligations to the Data Protection…

Apr 20, 2026 · 7 min read
DPDP Compliance

Hiring a Data Protection Officer (DPO) in India: The 2026 Guide

When DPDP requires a DPO, when to hire one anyway, the candidate profile, market rates in 2026, the fractional-DPO alternative, and the…

Apr 19, 2026 · 4 min read
1 2 3