Dvara Analysis Weblog | A customer-centric framework to implement information safety in monetary providers


Beni Chugh & Srikara Prasad (Dvara Analysis) &

The Information Safety Council of India[1]

Prospects’ private information has turn into central to how monetary service suppliers (FSPs) (i.e., regulated entities and intermediating service suppliers) ship their providers. Processing private information helps FSPs higher assess prospects’ wants and supply extra amenable monetary providers. Nevertheless, FSPs can put prospects’ security in danger from completely different sorts of hurt in the event that they course of information with out ample information safety safeguards.[2] The potential for these dangers breeds distrust and apprehension about FSPs and monetary providers amongst prospects until they’re reassured of security.

Many information safety frameworks present a set of rules that should information suppliers in direction of implementing safeguards. Nevertheless, these rules are sometimes summary and tough to place into apply. Extra importantly, these rules don’t information suppliers in direction of implementing safeguards in a manner that earns the shoppers’ belief.

To deal with these gaps Dvara Analysis, with the Information Safety Council of India (DSCI), co-developed two privateness handbooks directed at FSPs within the insurance coverage and banking sector. The handbooks assist FSPs implement information safety in a customer-centric method all through the information lifecycle, together with in legacy techniques. The handbooks construct on international information safety frameworks and finest practices, and inputs from FSPs, information safety specialists, and different stakeholders within the insurance coverage and banking sectors.

Whereas the handbooks are set within the context of insurance coverage and banking sectors, the rules are broadly relevant to all FSPs that interface with prospects and course of their private information. These privateness handbooks present 4 essential inputs to FSPs. They:

  1. Present a set of rules and detailed motion factors for FSPs

    to implement information safety safeguards at every stage of the shopper journey and information lifecycle in a manner that builds prospects’ belief.

  2. Current a ready-to-use self-assessment guidelines that FSPs can use

    to determine the gaps of their framework and perceive how they will handle them to raised adjust to regulatory pointers and globally recognised information safety rules.

The privateness handbooks, together with an outline of every handbook, can be found right here. We welcome suggestions from monetary sector suppliers, information safety and information safety practitioners, and buyer safety specialists in direction of enhancing the handbook

[1] The authors from the DSCI crew embody Varun Sen Bahl (affiliated with Nasscom on the time of publication), Anisha Koshy (affiliated with DSCI on the time of publication), and Anand Krishnan (affiliated with the CSSF India Cyber Program on the time of publication).

[2] Information Justice Lab, Information Hurt Document, 2020, https://datajusticelab.org/data-harm-record/.


Leave a Comment