DGPSI or Data Governance and Protection Standard of India is a framework to assist organizations to be in compliance with the DPDPA 2023 which is the Digital Personal Data Protection Act of India.
The framework has been developed by Naavi and adopted by FDPPI for the purpose of Certification of the Personal Data Management System (Digital Governance and Data Protection Management System or DGPMS) for compliance of DPDPA 2023.
The framework includes the requirements of IAT 2000 and BIS standard of Data Governance to the extent they apply to Personal Data.
The framework through a classification system segregates the PII of other jurisdictions and enables application of modified controls as may be required. Hence it also addresses the requirements of GDPR or CPRA.
The framework also addresses the need for assessment of maturity of compliance .
The fundamental objective of this framework is
a) To have an indigenous framework for compliance of Personal Data Protection requirements
b) To have a single Unified compliance framework that can be Certified for compliance and assessment
c) To have a single unified framework for compliance of multiple data protection laws.
“One Company, One Compliance and One Certification” is the motto of this framework.
An organization today need to work for DPDPA 2023 compliance, ITA 2000 compliance, Compliance of Data Governance standard of BIS, Compliance of GDPR through ISO 27701 and CPRA through SOC 2 etc. However with DGPSI, a single compliance framework and certification will address the requirements of all the relevant data protection laws to which a company is exposed.