Beni Chugh & Srikara Prasad (Dvara Analysis) &

The Information Safety Council of India[1]

Clients’ private information has turn into central to how monetary service suppliers (FSPs) (i.e., regulated entities and intermediating service suppliers) ship their companies. Processing private information helps FSPs higher assess clients’ wants and supply extra amenable monetary companies. Nonetheless, FSPs can put clients’ security in danger from completely different sorts of hurt in the event that they course of information with out sufficient information safety safeguards.[2] The potential for these dangers breeds distrust and apprehension about FSPs and monetary companies amongst clients except they’re reassured of security.

Many information safety frameworks present a set of rules that are supposed to information suppliers in the direction of implementing safeguards. Nonetheless, these rules are sometimes summary and tough to place into follow. Extra importantly, these rules don’t information suppliers in the direction of implementing safeguards in a means that earns the shoppers’ belief.

To deal with these gaps Dvara Analysis, with the Information Safety Council of India (DSCI), co-developed two privateness handbooks directed at FSPs within the insurance coverage and banking sector. The handbooks assist FSPs implement information safety in a customer-centric method all through the information lifecycle, together with in legacy methods. The handbooks construct on international information safety frameworks and greatest practices, and inputs from FSPs, information safety consultants, and different stakeholders within the insurance coverage and banking sectors.

Whereas the handbooks are set within the context of insurance coverage and banking sectors, the rules are broadly relevant to all FSPs that interface with clients and course of their private information. These privateness handbooks present 4 essential inputs to FSPs. They:

1. Present a set of rules and detailed motion factors for FSPs

   to implement information safety safeguards at every stage of the shopper journey and information lifecycle in a means that builds clients’ belief.

2. Current a ready-to-use self-assessment guidelines that FSPs can use

   to establish the gaps of their framework and perceive how they will deal with them to raised adjust to regulatory pointers and globally recognised information safety rules.

The privateness handbooks, together with an summary of every handbook, can be found right here. We welcome suggestions from monetary sector suppliers, information safety and information safety practitioners, and buyer safety consultants in the direction of enhancing the handbook

[1] The authors from the DSCI staff embrace Varun Sen Bahl (affiliated with Nasscom on the time of publication), Anisha Koshy (affiliated with DSCI on the time of publication), and Anand Krishnan (affiliated with the CSSF India Cyber Program on the time of publication).

[2] Information Justice Lab, Information Hurt Document, 2020, https://datajusticelab.org/data-harm-record/.