Earlier Articles

Discussions on PDPSI started some time back at www.naavi.org and are now being organized for exclusive focus on this website.

The earlier articles written on this topic are given below. Further discussions will continue.

  1. A Step beyond BS10012 and GDPR-Personal Data Protection Standard of India-PDPSI
  2. Data Protection Standard of India- (DPSI)
  3. Data Classification is the first and most important element of PDPSI
  4. Why 16 types of Data are indicated in PDPSI?
  5. Implementation Responsibility under Personal Data Protection Standard of India
  6. India to be the hub of International Personal Data Processing…. objective of PDPSI
  7. Principles of PDPSI
  8. Pentagon Model of TISM…An implementation approach to PDPSI implementation
  9. Personal Data Gate Keepers and Internal Data Controllers in Organizations
  10. Legitimate Interest Policy
  11. Implement “My Bhi Chowkidar” policy for Personal Data Protection.
  12. Criticality of the Grievance Redressal Mechanism in PDPSI
  13. Data Breach Notification-What PDPSI expects
  14. PDPSI-Business Agreement Control
  15. Naavi’s Data Trust Score model unleashed in the new year
  16. Naavi’s 5X5 Data Trust Score System…. Some clarifications
  17. Naavi’s Data Trust Score Audit System…allocation of weightages


Posted in Uncategorized | Leave a comment

What is PDPSI?

PDPSI is a Techno Legal Information Security standard developed for meeting the Data protection requirements in the Indian Jurisdiction.

It is modelled on the principle of Three dimensional information security approach involving Technology, Law and behavioural science.

This standard is originated by Naavi, the founder of www.naavi.org who is a pioneer in Cyber Law in India.

The objective of this standard is to focus on the requirements of companies in India which are exposed to the upcoming requirement of compliance of the Personal Data Protection Act of India (PDPA) along with other relevant Privacy and Data Protection laws that are mandatory for an organization operating in India including the current Information Technology Act 2000.

This standard is being developed on the open source principles where the standard is public and implementation is specific. In other words, this standard PDPSI can be adopted by any Data Auditor as a framework.  The individual specifications that come as annexure to the standard may be improved upon and customized.

There will be one suggested implementation framework that comes along with the standard which can be used with suitable modifications based on the context by the auditor with an appropriate deviation disclosure. 

Data Auditors are free to adopt the main standard without the adopting the suggested implementation specifications as suggested. They may in turn develop their own proprietary methods as a guide.  

Auditors who want to develop their own implementation frameworks and publish the same on this site, they are welcome.

If they want to keep it proprietary,  we respect their intellectual property right. We would however appreciate if they keep us informed of the existence of such proprietary implementation standards.

In due course, this website may provide a platform for them to reach out interested clients and sell their implementation specifications as a standard within standard.

This standard does not have any Government patronage and is purely a voluntary effort from the user’s perspective. We however shall endeavor to present this to the Data Protection Authority (DPA) as and when the set up emerges. 

As a part of the discussions around PDPSI, this site will try to present its views on the various codes and practices that PDPA envisages in due course. 

Naavi is also the Chairman of the Foundation of Data Protection Professionals in India (FDPPI) details of which is available at www.fdppi.in.

The PDPSI initiative is at present the initiative of Naavi the individual and does not constitute the views of any of the members of FDPPI or of the organizations that they may be associated with. FDPPI is however free to take its own independent view on the standard and also develop its own endorsed version of the standard or the implementation specifications as it deems fit.


Posted in Uncategorized | Leave a comment


Welcome to the new world of a Techno Legal Information Security standard created exclusively for India.

This site has been activated to bring all discussions on the Personal Data Protection Standard of India (PDPSI) which Naavi has been initiating at www.naavi.org

Posted in Uncategorized | 1 Comment