Do You Actually Need a Data Protection Officer? A Practical Guide for Indian Businesses
Since the DPDP Act was notified, one of the questions I hear most often from business leaders and compliance teams is some version of: “Do we need a Data Protection Officer?” The honest answer is: it depends — but more organisations need one than currently think they do, and many that do not have a […]
Why Your Privacy Program Should Report to the Board — Not Just Legal
In most organisations, data privacy lives inside the legal team. The General Counsel or compliance head owns the policy, a lawyer manages the implementation, and the board receives an update once a year — usually after something has gone wrong. This structure made some sense when privacy was primarily a legal risk. It makes considerably […]
What DPDP Actually Requires — And What Most Organisations Are Getting Wrong
India’s Digital Personal Data Protection Act has been notified. The rules are being finalised. And yet, when I speak to compliance officers and business leaders across sectors, a surprisingly large number are still treating DPDP as a future problem — something to address once the rules are fully published, once the Data Protection Board is […]