Early Times Report LEH, July 9: The two-day workshop on the Digital Personal Data Protection (DPDP) Act, 2023 for the IT ecosystem concluded successfully today at Hotel Diskitsal, Leh. The workshop was organised by the Information Technology Department, Union Territory of Ladakh, in collaboration with the National e-Governance Division (NeGD) and the Ministry of Electronics and Information Technology (MeitY), Government of India. The second day's proceedings commenced with the traditional lighting of the ceremonial lamp by the dignitaries, followed by a welcome address by representatives of NeGD. The workshop brought together officers and officials from various government departments to strengthen their understanding of the Digital Personal Data Protection Act and its practical implementation for secure and responsible digital governance. The first technical session was delivered by Mr. Mohit Kedia, ICMAI, who presented an overarching view of the Digital Personal Data Protection Act, 2023. He explained the objectives and key provisions of the Act, the obligations of Data Fiduciaries and Significant Data Fiduciaries, the rights of Data Principals, and the evolving regulatory framework governing personal data protection in India. The session provided participants with a comprehensive understanding of the legal framework and its significance in the digital era. The second session was conducted by Mr. Sandip Chatterjee, Former Group Coordinator, MeitY, on the implementation of the DPDP Act for Information Technology departments. He elaborated on the practical aspects of compliance and highlighted the responsibilities of government institutions in ensuring lawful processing and protection of personal data. The third session, led by Mohit Kedia, focused on Data Inventory and Mapping: An Industry Perspective. He discussed the identification and classification of personal data, practical approaches to creating data inventories and data maps within organisations, and the challenges and best practices involved in maintaining accurate and updated records. The session emphasised the importance of systematic data management as a foundation for compliance with the DPDP Act. The fourth session was delivered by Ms. Priyanka Agarwal, ICMAI, on Implementing Notice Requirements and Rights Management: An Industry Perspective. She explained strategies for preparing clear, transparent and legally compliant privacy notices, ensuring compliance with the notice requirements under the DPDP Act in various data collection scenarios, and establishing effective mechanisms for managing requests from Data Principals. She also elaborated on consent management practices, including obtaining free, informed, specific, unconditional and unambiguous consent, designing user-friendly consent mechanisms, managing the complete consent lifecycle, and handling consent withdrawal and renewal. The final technical session was conducted by Mohit Kedia on Technical and Organisational Measures for Data Protection and Driving Awareness Across Organisations. He highlighted the implementation of robust security safeguards to prevent personal data breaches, incident response mechanisms, breach notification procedures, and remediation measures. He also discussed practical application of security standards, including encryption, access controls, data minimisation, governance frameworks, vendor management, grievance redressal mechanisms, security controls, employee awareness programmes, and fostering a privacy-conscious organisational culture. The session also focused on building comprehensive privacy programmes and strengthening institutional preparedness for effective implementation of the DPDP Act. The workshop concluded with a valedictory session during which certificates were distributed to all participants by the resource persons in the presence of Director, Information Technology/NIC, Shri Punchok Paldan and other officials. The speakers appreciated the active participation and engagement of the officers throughout the two-day programme and encouraged them to apply the knowledge gained for strengthening data protection practices in their respective departments. The workshop witnessed participation from officers and officials of various government departments across the Union Territory. It served as an important capacity-building initiative aimed at enhancing awareness of the Digital Personal Data Protection Act, promoting responsible data governance, and strengthening the digital governance ecosystem in Ladakh. The programme concluded with a vote of thanks and a shared commitment towards ensuring secure, transparent and citizen-centric digital governance through effective implementation of the DPDP Act, 2023. |