To insure every Indian by 2047, the insurance industry must collaborate with third-party agencies such as hospitals, diagnostic services, and banks. However, with hordes of sensitive data that they collect, process, and store, insurers are a prime target for cyber-attacks and data misuse.
In August 2023, India introduced the Digital Personal Data Protection (DPDP) Act, mandating enterprises to protect customer data against misuse and external threats and setting the basis for data collection, storage, and processing on explicit consent.
For Indian insurers, the DPDP Act sets a benchmark for responsible data use and brings them to par with golden standards followed by global counterparts. This whitepaper helps insurers understand the implications of the DPDP Act and offers a compliance roadmap and a way forward to view data privacy and security as a duty, not just a regulatory mandate.