Execution worries for DPDP Act as 71% firms struggle with interpretation: EY Survey

Close to 80% of organisations have not yet updated or drafted DPDP-aligned privacy policies or governance frameworks, pointing to a lack of structural preparedness.

February 05, 2026 / 22:26 IST
Story continues below Advertisement
Representative image
Representative image
Snapshot AI
  • 71% of Indian enterprises struggle to understand the DPDP Act and its rules.
  • 80% haven't updated privacy policies for DPDP compliance.
  • Retail and e-commerce excel in DPDP readiness; healthcare falls behind

As India moves from rule-making to on-ground execution of the Digital Personal Data Protection (DPDP) Act, a majority of enterprises remain poorly prepared to translate the law into operational action, according to a new survey by EY India.

Nearly 71 percent of Indian enterprises surveyed said they continue to struggle with interpreting the DPDP Act and its rules, highlighting a widening gap between regulatory intent and enterprise readiness, even as the compliance clock begins to tick, the EY report said.

Story continues below Advertisement

The findings, based on a survey of nearly 150 professionals across sectors, show that while awareness of the DPDP framework is improving, implementation maturity remains uneven and limited. Close to 80 percent of organisations have not yet updated or drafted DPDP-aligned privacy policies or governance frameworks, pointing to a lack of structural preparedness.

From a readiness standpoint, 48 percent of respondents said thetey have initiated gap assessments, making it the most common first step toward compliance.