Beni Chugh & Srikara Prasad (Dvara Analysis) &
The Knowledge Safety Council of India[1]
Prospects’ private information has change into central to how monetary service suppliers (FSPs) (i.e., regulated entities and intermediating service suppliers) ship their companies. Processing private information helps FSPs higher assess prospects’ wants and supply extra amenable monetary companies. Nonetheless, FSPs can put prospects’ security in danger from completely different sorts of hurt in the event that they course of information with out satisfactory information safety safeguards.[2] The potential for these dangers breeds distrust and apprehension about FSPs and monetary companies amongst prospects until they’re reassured of security.
Many information safety frameworks present a set of rules that should information suppliers in direction of implementing safeguards. Nonetheless, these rules are sometimes summary and tough to place into follow. Extra importantly, these rules don’t information suppliers in direction of implementing safeguards in a means that earns the purchasers’ belief.
To deal with these gaps Dvara Analysis, with the Knowledge Safety Council of India (DSCI), co-developed two privateness handbooks directed at FSPs within the insurance coverage and banking sector. The handbooks assist FSPs implement information safety in a customer-centric method all through the info lifecycle, together with in legacy methods. The handbooks construct on world information safety frameworks and greatest practices, and inputs from FSPs, information safety consultants, and different stakeholders within the insurance coverage and banking sectors.
Whereas the handbooks are set within the context of insurance coverage and banking sectors, the rules are broadly relevant to all FSPs that interface with prospects and course of their private information. These privateness handbooks present 4 essential inputs to FSPs. They:
-
Present a set of rules and detailed motion factors for FSPs
to implement information safety safeguards at every stage of the shopper journey and information lifecycle in a means that builds prospects’ belief. -
Current a ready-to-use self-assessment guidelines that FSPs can use
to establish the gaps of their framework and perceive how they’ll handle them to higher adjust to regulatory pointers and globally recognised information safety rules.
The privateness handbooks, together with an summary of every handbook, can be found right here. We welcome suggestions from monetary sector suppliers, information safety and information safety practitioners, and buyer safety consultants in direction of enhancing the handbook
[1] The authors from the DSCI staff embrace Varun Sen Bahl (affiliated with Nasscom on the time of publication), Anisha Koshy (affiliated with DSCI on the time of publication), and Anand Krishnan (affiliated with the CSSF India Cyber Program on the time of publication).
[2] Knowledge Justice Lab, Knowledge Hurt Report, 2020, https://datajusticelab.org/data-harm-record/.