India exempts outsourcers from privacy
regulations, states Information Age.
The new privacy and data protection rules, introduced earlier this year, asserted that any organisation collecting personal data from another body must seek consent from the subject of that data.
Indian outsourcers had been worried that this would mean they would need to get permission from their clients' customers in order to handle their data.
The rules, which require companies to take written consent from individuals about the use of sensitive personal information they collect, were a potential problem-point for outsourcing firms, reports Financial Express.
The government clarified that it was not the outsourcer but the companies collecting and sending the data that were responsible for protecting privacy.
The Indian IT Department has clarified that this was not the intent and that the rules (on sensitive personal data or information) are not applicable to companies outside India,” says Dr Kamlesh Bajaj, CEO, Data Security Council of India, writes The Hindu Business Line.
In a statement, Som Mittal, president of Nasscom, said that data security and privacy were key enablers for the growth of the global sourcing sector.
“However, the rules issued (earlier this year) had created possible interpretation issues for outsourcing companies and we thank the government for their support in issuing the necessary clarifications.”
Share