Indian IT and BPO firms like Genpact and Cognizant are of the opinion that the new data protection policies in the country could expose them to enhanced regulatory scrutiny. The government of India is citing a data protection bill which endorses that crucial data of Indian users being used by global corporates should be stored in the country only.
The draft came as a part of the advice made by a panel on data protection headed by former Supreme Court judge Justice Srikrishna. The draft bill has raised concerns for IT biggies which say that it will incur them significant cost to collect and manage the database.
“The Digital Information Security in Healthcare Act (DISH) is under consideration in India, which proposed legislation including significant penalties related to disclosure of healthcare data. Other countries have enacted or are considering enacting data localisation laws that require certain data to stay within their borders,” said Cognizant.
The DISH Act was discussed last year and recommends setting up of National and State eHealth Authorities and Health Information Exchanges. It also stresses on standardising and regulating the collection, storing and transmission related processes.
“Complying with changing regulatory requirements requires us to incur substantial costs, exposes us to potential regulatory action or litigation, and may require changes to our business practices in certain jurisdictions, any of which could materially adversely affect our business operations and operating results,” added Cognizant.
BPO giant Genpact also notified about the potential impact of new rules.
“Evolving laws and regulations in India protecting the use of personal information could also impact our engagements with clients, vendors and employees in India,” said Genpact.