Compliance [ as per IT ACT,2000 ]

Cyber Law Consulting >> Consulting >> Compliance

Every Organisation's CEO/CRO/CIO in India needs to think of getting IT Act,2000 Compliant. 
Non compliance of IT Act, 2000 can bring in financial liabilities to your company and may even land the CEO or a Director in jail [ refer S(85) of IT Act,2000].

IT Act, 2000 areas of Compliance :

Any company which receives, stores or transmits data on behalf of another person has an obligation to excercise "Due Diligence" which interalia includes

a) Identifying which of the information is "Sensitive Personal Information" and

b) Follow reasonable security practices to protect them (under Section 43-A of IT Act,2000)

c) Understand the data retention requirements and implement systems to comply with them

d) Understand that the GOI has the powers to block, intercept or ask for data decryption keys, information on data traffic etc (under Section 69,69-A of IT Act,2000) 

e) Expect you to conduct e-audit of all the documents you maintain in the e-form

f) Adhere to the encryption policies as may be announced etc

g) Ensure that without the permission of the owner of an information does not even provide access to the information to others [ refer Section 72-A]

h) Ensure that any security obligations agreed to in a contractual agreement are not breached

Failure to comply with the above may result in damages payable for which there is no specified upper limit, besides possible imprisonment from 3 years to 7 years.

It is also necessary for Companies to understand that even if any of their employees contravene the provisions of the Act including committing of such personal offences such as searching for child pornography using the corporate network, then there could be vicarious liabilities on the organization and its Directors and Executives.

Prevention of these liabilities requires a Cyber Law Compliance (IT Act,2000 Compliance) Programme with special focus on ITA 2008. Even if the organization is ISO 27001 certified, it is recommended that the organization should review its security policy and examine ITA 2008 compliance. 

Cyber Law Consulting can help you to

1. Conduct due diligence  2. Conduct Audit   3. Draft Best Security Practices  4. Check Compliance

5.Achieve IT ACT, 2000 Compliance 6.Certify 7.IT Act Compliance after ISO 27001  8.SEBI Compliance

 
 
Cyber Crimes Not Yet Solved By Prashant Mali (cyberlawconsulting@gmail.com) Probably you all don't even know these crimes happened. Still, they are all time mystery and go in history of Cyber Crimes with accolades.

February 2008- Supermarket Security Breach: At least 1,800 credit and debit card numbers were stolen at supermarket chain throughout the Northeast and Florida.
read more>>

Information Technology (Amendment) Bill 2008 passed by Indian Parliament in December 2008 notified as the IT (Amendment) Act 2008 has received the assent of the President on the 5th Feb 2009.
read more>>

Types Of Cyber Crimes Article By Prashant Mali It can be classified in to 4 major categories as (1) Cyber crime against Individual
(2) Cyber crime Against Property
(3) Cyber crime Against      Organization
(4) Cyber crime Against Society read more>>
 
  © Copyright, Cyber Law Consulting, 2002 Home | Contact us | Disclaimer | Site Map | About Us