Active Stocks
Thu Mar 28 2024 15:59:33
  1. Tata Steel share price
  2. 155.90 2.00%
  1. ICICI Bank share price
  2. 1,095.75 1.08%
  1. HDFC Bank share price
  2. 1,448.20 0.52%
  1. ITC share price
  2. 428.55 0.13%
  1. Power Grid Corporation Of India share price
  2. 277.05 2.21%
Business News/ Politics / Policy/  New rules for govt agencies to ensure security of personal data
BackBack

New rules for govt agencies to ensure security of personal data

The new rules put the onus on government departments and agencies to safeguard personal data or information held by them

The new guidelines seek answers to questions being asked on data protection under the Aadhaar Act.Premium
The new guidelines seek answers to questions being asked on data protection under the Aadhaar Act.

New Delhi: Government departments handling personal data or information will have to ensure that end-users are made aware of the data usage and collection and their consent is taken either in writing or electronically, according to new guidelines issued by the government for security of personal data.

Sensitive personal data such as passwords, financial information (bank account, credit card, debit card and other payment instrument details), medical records and history, sexual orientation, physical and mental health, and biometric information cannot be stored by agencies without encryption, say the guidelines issued by the ministry of electronics and information technology (IT) on 22 May.

The rules put the onus on government departments and agencies to safeguard personal data or information held by them. To be sure, the Information Technology Act 2000 and Aadhaar Act 2016 have laid down most of these rules. The new guidelines seek answers to questions being asked on data protection under the Aadhaar Act.

“If agency is storing Aadhaar number or sensitive personal information in database, data must be encrypted and stored. Encryption keys must be protected securely, preferably using Hardware Security Modules (HSMs). If simple spreadsheets are used, it must be password protected and securely stored," according to the guidelines.

In April, the IT Ministry issued a notification directing all government departments to remove any personal data published on their websites or through other avenues.

The guidelines require regular audits to ensure effectiveness of data protection and also call for swift action on any breach of personal data. In cases where an Aadhaar number has to be printed, it should be truncated or masked. The guidelines say only the last four digits of the 12-digit unique identity number can be displayed or printed.

According to a research report issued by Bengaluru-based think tank Centre for Internet and Society on 1 May, four government portals could have made public around 130-135 million Aadhaar numbers and around 100 million bank account numbers.

Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it's all here, just a click away! Login Now!

Catch all the Politics News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
More Less
Published: 02 Jun 2017, 12:20 AM IST
Next Story footLogo
Recommended For You
Switch to the Mint app for fast and personalized news - Get App