India: Ministry of Electronics and Information Technology closes consultation on Digital Personal Data Protection Rules 2025 including cybersecurity regulation
Description
Ministry of Electronics and Information Technology closes consultation on Digital Personal Data Protection Rules 2025 including cybersecurity regulation
On 5 March 2025, the Ministry of Electronics and Information Technology closes the public consultation on the draft Digital Personal Data Protection Rules, 2025. The rules impose obligations on Data Fiduciaries and Data Processors across sectors handling personal data. The rules mandate reasonable security safeguards, including encryption, access controls, logging, and data backups, along with contractual requirements for processors to ensure equivalent protections. In the event of a personal data breach, Data Fiduciaries must notify affected individuals promptly and report to the Data Protection Board with detailed information within 72 hours.
Original sourceScope
Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body
Complete timeline of this policy change
Hide details
2025-01-03
in consultation
2025-03-05
processing consultation