Section 43A of India's IT Rules 2011 requires which of the following for a privacy policy?
Section 43A of India's IT Rules 2011 requires which of the following for a privacy policy?
Section 43A of India's IT Rules 2011 requires that a privacy policy should be published on the website of the body corporate. This ensures transparency and allows individuals to readily access information regarding the type of personal data being collected, the purpose of the data collection, and the security practices in place to protect this data.
The privacy policy should be clearly published on the website of the body corporate and should contain details on the type of information that is being collected, the purpose for which it has been collected and the reasonable security practices that have been undertaken to maintain the confidentiality of such information.
Rule 4 provides that the every body corporate that deals with sensitive personal data or information must have a privacy policy which shall be published on its website and provide for: - clear and easily accessible statements of its practice and policies - types of SPDI collected - purpose - disclosure - RSPP
Answer B - Rule 4 imposes a duty on Body Corporates seeking sensitive personal data to draft a privacy policy and make it easily accessible for people who are providing the information. The privacy policy should be clearly published on the website of the body corporate and should contain details on the type of information that is being collected, the purpose for which it has been collected and the reasonable security practices that have been undertaken to maintain the confidentiality of such information.