It is well known that every organization that has employees, is exposed to DPDPA non compliance risk. Though “For Employment” is considered a reason for bringing a personal data processing situation under “Legitimate Use” basis, it only covers the exemption from notice and consent and leaves the rest of the obligations in tact.
Some organizations use HRMS services from third parties and also use manpower on contract basis.
Application of DPDPA in these special circumstances need to be analysed to determine how to navigate the compliance requirements.
FDPPI recommends use of a specific framework DGPSI-HR to manage the DPDPA compliance in HR operations.
As a part of the development process, an open house presentation would be made on 15th January 2026 at 7.00 pm . Interested parties are welcome to attend and contribute to the thoughts.
Naavi
