Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Decoding India Privacy – Digital Personal Data Protection Act (DPDPA), 2023 Crosswalk to NIST
Resource
Crosswalk (XLSX) This workbook contains 3 tabs (an overview, mapping between the NIST Privacy Framework V1.0 Core and the DPDPA, and a Quick References tab).
Details
Resource Identifier: DPDPA Regulations Crosswalk
Source Name: Digital Personal Data Protection Act (DPDPA), 2023
Contributor: Amey Kantak, Persistent Systems
Contributor GitHub Username: @kantakgoa
Related Documentation: https://github.com/usnistgov/PrivacyFrmwkResources/tree/master/resources/DPDPA%20Crosswalk
Contributor Notes:
- Mapped elements represent where the DPDPA requires a control that would fall under the NIST Core subcategory or a control under the NIST Core subcategory would support activities under the DPDPA.
- To make it easier for readers, the DPDPA legislation has been broken down chapter wise. Sections and Subsections have been mapped against relevant sections of the NIST Privacy Framework V1.0 in the NIST Privacy V1.0 Core to DPDPA worksheet.
- Quick Reference worksheet has the DPDPA sections mapped to actual citation of the Digital Personal Data Protection Act (DPDPA), 2023 as well as mapping to the relevant sections of the EU GDPR to provide better context.
- Readers will also notice that many of the Privacy Framework’s subcategories do not map neatly to the DPDPA. The DPDPA is an “umbrella” legislation, as it sets out only a high-level framework for India’s new data protection regime, with supplementary rules expected in due course.
Feedback on this Resource
You can share feedback, ask questions, or request clarifications about this resource. You will need the resource identifier and contributor’s GitHub username.