✓ Trusted by lawyers, firms, and students across India
Home Legal Updates Data Protection New Data Protection Act 2023: Key Changes for Businesses

New Data Protection Act 2023: Key Changes for Businesses

January 15, 2024
India
8 min read
Legal Team
HIGH Priority ⭐ Featured Data Protection
The Data Protection Act 2023 has been enacted to strengthen data privacy and protection in India. This comprehensive legislation brings significant changes that businesses need to be aware of.

## Key Provisions

The Act introduces several important provisions:

1. **Consent Requirements**: Businesses must obtain explicit consent before collecting personal data
2. **Data Localization**: Critical personal data must be stored within India
3. **Right to Erasure**: Individuals can request deletion of their personal data
4. **Data Breach Notification**: Mandatory reporting of data breaches within 72 hours
5. **Penalties**: Fines up to ₹250 crores or 4% of annual turnover for non-compliance

## Impact on Businesses

All businesses handling personal data must:
- Update their privacy policies
- Implement data protection measures
- Appoint a Data Protection Officer (if required)
- Conduct regular data audits
- Train staff on data protection requirements

## Compliance Timeline

- Immediate: Review current data practices
- 3 months: Update privacy policies and consent mechanisms
- 6 months: Implement technical and organizational measures
- 12 months: Complete compliance audit

## Next Steps

Businesses should consult with legal experts to ensure full compliance with the new Act.

Share this Legal Update