Regulated entities under the Reserve Bank of India’s (RBI) regulatory sandbox (RS) framework must ensure compliance with the provisions of the Digital Personal Data Protection (DPDP) Act, the central bank said. “The sandbox entity must process all the data, in its possession or under its control about RS testing, by the provisions of Digital Personal Data Protection Act, 2023,” RBI said in a press release on February 28.
Additionally, the central bank said that under the updated sandbox framework, entities should have appropriate technical and organisational measures to ensure effective compliance with the provisions of the Act and rules made thereunder.
The sandbox is a framework set up by RBI to facilitate live testing of innovations by REs in a controlled environment with supervision.
RBI also said that the sandbox entity should ensure adequate safeguards to prevent any personal data breach.
The sandbox framework has been revised based on the experience gained over the last four and half years in running four cohorts and feedback received from fintechs, banking partners, and other stakeholders, RBI said.
Where does the DPDP Act stand?
The DPDP Act was notified on August 11, 2023, but it has not been enacted yet.
Prime Minister Narendra Modi, in his address in the 17th Lok Sabha, said that the DPDP Act would safeguard the coming generations and give them a tool to make their futures. "By bringing the Data Protection Bill, we have safeguarded future generations. We have given the future generation a tool, based on which, to make their future, they will use it well. Globally, people are interested in India’s Digital Personal Data Protection Act,” Modi said.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
