Author Archives: Vijayashankar Na
HIPAA Security Rule to be updated
On December 27, 2024, the office of Civil rights (OCR) at the US department of Health and Human Services (HHS) issued a Notice for Proposed Rule Making (NPRM) to modify HIPAA Security Rule. Public comments can be submitted upto 7th … Continue reading
DPDPA- Corporate Action before March 31 2025
The DPDPA as an act has been in place for now over 16 months. The excuse “Rules are not notified” has begun to fade with the notification of the “Draft Rules”. Habitual procrastinators may still find excuse that the draft … Continue reading
Comments on DPDPA Rules-5: Business Contact Address
We have already discussed the status of Business Contact Address under DPDPA 2023 earlier and categorically held the view that a) We cannot determine the nature of an email as personal or business with reference to the domain name attached … Continue reading
Comments on DPDPA Rules-4: Verifiable Guardian Consent
One of the most discussed provisions of the DPDPA Rules is the rule 10 and 11 related to the handling of personal data of a minor. As per the Act, a data fiduciary intending to process the personal data of … Continue reading
Comments on DPDPA Rules-3: The rules on Consent Manager is disappointing.
The DPDPA Rules on Consent Manager (Rule no 4 with Schedule 1) is disappointing since it indicates that the ministry is stuck with its concept of account aggregator and has failed to go beyond the myopic view that the consent … Continue reading
Comments on DPDPA Rules-2: Do we require a notification for Section 44 ?
The DPDPA Rules contain two sets of rules. One set appliable immediately on publication and another set for which separate dates will be notified. The rules that will become immediately applicable namely Rules 1, 2 and 16 to 20 are … Continue reading