National Informatics Centre, MeitY

The “DPDP Act and Compliance of IT Applications” Workshop organised by NIC in collaboration with MeitY, featured a Keynote Address by Shri Abhishek Singh, Additionally Secretary, MeitY and Director General, NIC, who articulated the citizen-centric foundation of the DPDP Act and its practical implications for implementation across Government systems. He explained that the Act revolves around three key entities — the Data Principal, Data Fiduciary, and Data Processor, with the central idea that the Data Principal should have complete control over their personal data and consent. Drawing comparisons with international data protection frameworks, he highlighted how India’s approach uniquely empowers citizens while ensuring accountability across all processing entities. He urged officials to thoroughly understand the provisions of the Act and avoid viewing compliance as a matter of exemption, but as an obligation to uphold the law in both letter and spirit. He also encouraged NIC teams to take the iGOT course on DPDP to build a strong foundational understanding. Concluding his address, he called upon all participants to reflect on their systems, identify areas that require change, and align processes to ensure that every compliance effort strengthens citizen trust and data ownership. #NICMeitY #DPDPAct #DataProtection #DigitalIndia #DataPrivacy #DigitalGovernance #Governance Digital India Programme MyGov India National Informatics Centre Services Inc (Nicsi)

Day 2 of the “DPDP Act and Compliance of IT Applications” Workshop featured an engaging session by Ms. Abha Tiwari, Data Protection Officer, Air India, who brought in a legal and industry perspective on data protection, drawing from real-world examples within the aviation sector that manages billions of citizen records. She explored the intersection of privacy and the human element, explaining how privacy differs from security — the former rooted in choice and consent, the latter in protection and control. Through case-based discussions, she illustrated how data retention and purpose limitation are key to compliance. Her session addressed the legal obligations of Data Fiduciaries and Data Processors under the DPDP Act and highlighted how businesses can achieve compliance through responsible data use and transparent governance practices. The discussion reinforced that privacy is not merely a technical construct — it is fundamentally about respecting individuals’ rights and choices. #NICMeitY #DPDPAct #DataProtection #DigitalIndia #DataPrivacy #DigitalGovernance #Governance Digital India Programme MyGov India National Informatics Centre Services Inc (Nicsi)

As part of Day 2 of the “DPDP Act and Compliance of IT Applications” Workshop, participants attended an engaging session on the DPDP Compliance Journey that focused on translating the provisions of the Act into structured organizational action. The session, led by Dr. Mukesh Kumar Gupta, Sr. Director (IT), NIC used relatable analogies from everyday scenarios to simplify complex compliance concepts. He demonstrated how data protection begins with practical steps such as maintaining a personal data inventory and clearly defining data flows within an organization. Dr. Gupta showcased sample inventory templates and conducted an interactive discussion to help participants understand how these tools can support structured implementation. The session also featured live quizzes and examples to assess participant understanding and reinforce key takeaways. The discussion highlighted that building compliance capability is a continuous journey of awareness, documentation, and accountability across teams. #NICMeitY #DPDPAct #DataProtection #DigitalIndia #DataPrivacy #DataGovernance #DigitalGovernance #Governance Digital India Programme National Informatics Centre Services Inc (Nicsi)

Day 2 of the “DPDP Act and Compliance of IT Applications” Workshop featured an engaging and practical session on Obligations of Data Fiduciaries and Significant Data Fiduciaries, Rights of Data Principals, and Implementing Security Safeguards to Prevent Personal Data Breaches. Mr. Manish Tembhurkar and Ms. Amrita from KPMG, brought in an industry perspective on cybersecurity, highlighting how organizations can translate compliance principles into technical and operational readiness. They emphasized that data mapping remains the cornerstone of compliance — without knowing where data resides or flows, effective protection becomes difficult. The session also covered third-party risk management, VAPT, API security, and role-based access control (RBAC) etc. as essential measures to mitigate vulnerabilities. Real-world cases illustrated how a proactive “security-by-design” approach can significantly reduce breach risk and enhance accountability. The discussion reinforced the need for continuous monitoring, demonstrable compliance, and strong collaboration between technical and governance teams to ensure readiness under the DPDP Act. #NICMeitY #DPDPAct #DataProtection #DigitalIndia #DataPrivacy #DigitalGovernance #Governance Digital India Programme National Informatics Centre Services Inc (Nicsi) KPMG India

The second day of the “DPDP Act and Compliance of IT Applications” Workshop featured a thought-provoking session on Capacity Building and Fostering a DPDP-Conscious Culture. The session focused on how data protection is as much about mindset as it is about mechanisms. Shri Prakash Kumar, CEO, Wadhwani Foundation, shared how India’s unique social and governance context requires a more nuanced approach to privacy — one that balances citizen benefit with responsible data practices. He emphasized the importance of collecting only what is necessary, defining clear data shelf life to reduce liability, and enabling secure, token-based validation instead of storing identifiers like Aadhaar. Real-world examples illustrated how cross-departmental data use can improve service delivery when done responsibly and in compliance with the DPDP Act. The discussion underscored that building a DPDP-conscious culture starts with awareness, accountability, and action — within every level of the organization. #NICMeitY #DPDPAct #DataProtection #DigitalIndia #DataPrivacy #DataGovernance #DigitalGovernance #Governance Digital India Programme MyGov India National Informatics Centre Services Inc (Nicsi)

Day 2️⃣ of the “DPDP Act and Compliance of IT Applications” Workshop delved into the practical aspects of institutional readiness for compliance. The session on Organizational Readiness for DPDP Compliance focused on how government entities can embed privacy principles within governance structures, operational processes, and technology systems. During the session, Shri Prashant Mittal, DDG, NIC shared actionable insights on creating robust frameworks for data mapping, capacity building, and compliance monitoring — essential for translating the DPDP Act into sustainable practice. The discussion reinforced the importance of viewing DPDP compliance as an organization-wide transformation rather than a one-time activity. #NICMeitY #DPDPAct #DataProtection #DigitalIndia #DataPrivacy #DigitalGovernance #Governance Digital India Programme MyGov India National Informatics Centre Services Inc (Nicsi)

NIC organized a webinar on Application Security New Trends & Malware Analysis — focusing on identifying and mitigating vulnerabilities such as Security misconfigurations, Validations, Session fixation, injection flaws, and authentication issues. Expert talks from NIC were delivered by Shri Rajesh Mishra, DDG, NIC, Shri Anil Kumar Jha, Sr. Director (IT) along with his team, and Ms. Savita Rajendra Gawali, Sr. Director (IT) on Application Security New Trends, Static Application Security Testing, Dynamic Application Security Testing and Malware Analysis. The session highlighted the importance of proactive security testing, mitigations and best practices to safeguard digital systems from evolving cyber threats. #NICMeitY #DigitalIndia #DigitalTransformation #eGovernance #Cybersecurity #cybersecurityawareness #CybersecurityAwarenessMonth

The Uttarakhand AI Impact Summit 2025, a Pre-Summit event of the #IndiaAIImpactSummit2026, will be held on October 17, 2025, in Dehradun, Uttarakhand. The event will be graced by Shri Jitin Prasada, Hon’ble Minister of State, Ministry of Electronics & Information Technology, Government of India, and will bring together leaders from MeitY, NIC, IndiaAI Mission, IIT Roorkee, IIM Kashipur, and the Government of Uttarakhand. Through keynote sessions, startup showcases, and a panel discussion on “Global AI Trends & Developments: Impact on Uttarakhand,” the Summit will explore how AI can drive innovation, entrepreneurship, and sustainable growth in the state. Ashwini Vaishnaw Ministry of Electronics and Information Technology Abhishek Singh Kavita Bhatia MyGov India Digital India Programme #AIforGood #RoadToImpact #PeoplePlanetProgress #ResponsibleAI #GlobalCollaboration

#CyberSafetyTips Ensure you regularly back up essential files, including documents, photos, and emails, to an external hard drive. सुनिश्चित करें कि आप दस्तावेज़ों, फ़ोटो और ईमेल सहित आवश्यक फ़ाइलों का बाहरी हार्ड ड्राइव पर नियमित रूप से बैकअप लेते रहें। #NICMeitY #CybersecurityAwarenessMonth #CyberSecurity #StaySafeOnline #DigitalSafety #BackupFiles #SafetyFirst Digital India Programme CyberDost I4C ISEA Stay Safe Online