• Search in Protiviti.com

State of Data Privacy in India Survey Report 2024

State of Data Privacy in India

Survey Report 2024
Our survey captured the perspectives of executives on how well the measures outlined in the Act address significant privacy concerns and challenges.

Executive Summary

The Digital Personal Data Protection Act, 2023, is a pivotal government initiative aimed at strengthening privacy protections in the digital age. Confederation of Indian Industry (CII) and Protiviti partnered to conduct a comprehensive survey on the preparedness of Indian industries for data privacy and the Digital Personal Data Protection (DPDP) Act. This collaboration sought to assess compliance readiness, identify challenges, and highlight best practices across sectors. The survey results offer strategic insights and guidance to help businesses navigate the evolving data privacy landscape and align with the DPDP Act.

Our survey captured the perspectives of executives on the extent to which the measures outlined in the Act address significant privacy concerns and challenges. By analysing the responses, we gained insights into the overall effectiveness of the Act in safeguarding personal data and privacy rights. This included examining broader aspects of data privacy across organisations in India, focusing on:

  • Perception and Awareness
  • Key Drivers impacting Privacy
  • Privacy Governance
  • Privacy Programme Maturity
  • Embracing Technology

Respondents represented a diverse range of industries, including BFSI, Information Technology, Hospitality, Manufacturing, Media & Telecom, and others, from mid-level to executive management positions.

Download Survey Report
Our survey captured the perspectives of executives on how well the measures outlined in the Act address significant privacy concerns and challenges.
Key Findings

Key Findings:

  • Over 60% of companies are engaged in practices that raise data privacy concerns.
  • A significant 52% of organisations have experienced a data breach within the past 5 years.
  • While 56% view the DPDPA 2023 with confidence, 44% remain skeptical or uncertain.
  • Only 39% of larger organisations currently have a dedicated Data Privacy Office.
  • 44% of organisations lack a proactive approach to incident response strategies.
  • Compliance with regulatory and increasing contractual obligations is the primary driver for establishing privacy programmes in 51% of organisations.
  • Managing consent and data principal access requests is the top privacy concern, followed closely by the visibility of personal data.
  • Automation efforts are primarily focused on privacy rights and consent management, as well as data governance, yet only 24% feel prepared for the privacy challenges posed by emerging technologies.
  • Over 60% of organisations have documented data privacy policies and procedures in place, with the Information Technology and Financial Services sectors leading the way.

Protiviti India Member Private Limited is the India Member Firm of the global network of Protiviti firms, a group of independent consulting firms helping companies solve problems in finance, technology, operations, governance, risk and internal audit.  Protiviti Member Firms are separate and independent legal entities, are not agents of other firms in the Protiviti network, and have no authority to obligate or bind other firms in the Protiviti network.

Loading...