As indicated in previous blogs, we are covering commonly-held misconceptions to provide clarity over what's important to those embarking upon their DPDPA compliance journey. Our particular focus here is on compliance with India’s new Digital Personal Data Protection Act, but it is worth reiterating that the lessons are globally applicable.
This week's focus is on the misunderstanding that surrounds what constitutes as personal data.
The world has inherited from the Americans the term “Personally Identifiable Information” or PII, which is commonly used to refer to a limited set of details such as PANs, driving licence numbers, passport or Aadhar numbers and so forth. While that information is certainly all personal data, the definition in the DPDPA is much wider – the term refers to any information about a natural person held in a context in which they can be identified. Everything you digitally record about someone is personal data including photos, audio and video.
Rather watch as a video? Click below.
-----------------------------------------------------
Read our 10 DPDPA misconceptions series
Interested to read the series in full? Click on the links below.
Misconception 1: data protection is all about breach prevention
Misconception 2: Compliance is just paperwork.
Misconception 3: it’s all about consent
Setting off on your DPDPA compliance journey?
If you’d like us to help you achieve DPDPA compliance and transform your data from a risk into an asset, you can Contact Us.
If you are looking for more information regarding DPDPA compliance, visit our DPDPA resources page.