10:25 am / 379 Views
1. Introduction to Indian Privacy Law
- Evolutionary narrative of Data Protection laws in India
- Significance of DPDPA in a data-driven age
- Glossary of Key Terms in DPDPA
- Scope & Applicability of the Act
- Understanding Key Privacy Principles under DPDPA
- Building Compliance Strategy: Legal Grounds for processing Personal Data
- Consent as a Lawful Ground
- Logging, Retaining & Monitoring Consent
- Comparative Analysis
Practical Exercise 1
-
- Assess Territorial & Material application of DPDPA on the Case-Scenarios shared
Practical Exercise 2
-
- Match the Processing Activities with the Lawful Grounds of Processing
2 . Privacy Notice & Consent: DPDPA
- Analyzing the anatomy of a privacy notice
- Drafting an itemized Privacy Notice
- Policy vs Notice vs Statement
- Privacy Notice: When & Where?
- Drafting a Consent Notice
- Understanding Consent Manager
- Updating a Privacy Notice: Key Considerations
- Comparative Analysis
Complimentary Template
-
- Privacy Notice, Consent Notice, Consent Management Workflow
Practical Exercise 1
-
- Draft a User Friendly Privacy Notice on the basis of the Case-Study
Practical Exercise 2
-
- Suggest appropriate Consent Mechanisms on the basis of the scenarios shared
3. Drafting Privacy Policies
- The Art of Drafting a Policy
- Pre-requisites: Objectives, Scope & RACI
- Defining KPIs for a Policy
- Internal Data Protection Policy: Key Components
- Implementation & Enforcement
- Change Management for a Policy
Complimentary Template
-
- Internal Data Protection Policy
Practical Exercise 1
-
- Draft an Internal Data Protection Policy on the basis of the Organization details shared with you
4. Responding to Data Principal Rights: DPDPA
- Understanding the different types of Data Principal Rights (DPRs)
- Building Grievance Redressal Mechanism
- Navigating the applicability of a Data Principal Right
- Identity Verification of the Data Principal
- Workflow for the response to a DPR Request
- Safeguards to follow while making the Final Response
Complimentary Template
-
- Data Principal Rights Management Manual, Grievance Redressal Workflow, DPR Management Workflow
Practical Exercise 1
-
- Design a Data Principal Request Management Workflow on the basis of the Organization details shared with you
5. RoPA & DPIA
- Introduction to Records of Processing Activities (RoPA)
Components of RoPA - Role of a RoPA Document in maintaining Compliance
- Procedure to draft & maintain a RoPA
- Obligations of a Significant Data Fiduciary
- Introduction to Data Protection Impact Assessment (DPIA)
- Components of DPIA
- Role of a DPIA Process in maintaining compliance
- Cyclic Process of a DPIA
Complimentary Template
-
- RoPA, DPIA
Practical Exercise 1
-
- Draft a RoPA on the basis of the Department level details shared with you
Practical Exercise 2
-
- Conduct a DPIA on the basis of the processing activity details shared with you
6. Data Retention Policy
- Understanding Data Retention & its importance
- Components of a Data Retention Policy & Schedule
- Legal Considerations for Data Retention
- Steps to draft a Data Retention Policy & Schedule
- Choosing the relevant Data Disposal Mechanism
Complimentary Template
-
- Data Retention Policy
Practical Exercise 1
-
- Draft a Retention Policy & Schedule on the basis of Case Scenario shared
7. Data Breach Management
- Identifying a Data Breach
- Regulatory considerations around a Breach: CERT-In Guidelines
- Responding to a Breach Incident
- Obligation of Data Fiduciary & Data Processors in responding to a Breach
- Drafting a Data Breach Management Manual
- Maintaining Data Breach Register
- Understanding Notification Requirements
- Drafting a Data Breach Management Manual
Complimentary Template
-
- Data Breach Management Manual, Notification Template
Practical Exercise 1
-
- Analyse whether the particular incidents shared classify as a Data Breach
Practical Exercise 2
-
- Draft a Breach Management Workflow for the incident shared along with the notification template
8. Contracting & Management of Vendors
- Risks associated with Data sharing to Vendors
- Classification of Vendors depending on their Role
- Understanding the componetns of a Vendor Contract
- Drafting of Data Processing Agreement
- Review of Data Processing Agreement
- Monitoring of Vendors: Audit & Review
Complimentary Template
-
- Data Processing Agreement
Practical Exercise 1
-
- Classify the Vendors in Low, Medium & High Risk on the basis of attributes shared with you
Practical Exercise 2
-
- Conduct Vendor Risk Assessment on the basis of the details shared about a particular Vendor