Recognized as a worldwide industry practice for cost effectiveness and optimization, the process of Outsourcing involves humongous data exchange as it is all about delegating business processes and functions. This has resulted in the increasing concerns over data security and breach. With the increasing adoption of the cloud as a platform, the enterprises are constantly bothered due to the lack of data compliance and hosting parameters. IT Exports and Outsourcing being a major source of revenue for the Indian economy, thereby making it imperative for the Indian Outsourcing industry to accrue data compliance and security accreditation.
In the process of outsourcing, different categories of data pertaining to bio metric, financial services, bank details are shared with the service providers. The major concerns of its protection led to the enforcement of the new data protection laws in 2011 in India. The data protection laws that existed earlier were rendered redundant with the advent of newer technologies and delivery mechanisms. Therefore, the Information Technology Act that was further amended in 2011. According to the new law, every business irrespective of its size needs to have its own privacy policy, irrespective of the use of Sensitive Personal data or SPD, published on its website. Furthermore it is now mandatory for service providers and outsourcing companies to receive a Consent for the Collection of sensitive information from its respective clients. Notification regarding the use of information along with its retention also falls within the purview of the new rules. In terms of the outsourcing landscape in India, this implies that any business dealing with any sensitive information in India has to comply with the rules. The enterprises outsourcing work to India have to mandatorily provide the consent for collection and information retention.
In the Information Technology scenario, associations like NASSCOM (National Association of Software Services Companies) have been playing a very significant role in laying the foundation for quality services and data security whilst keeping parity with the international protocols. It has also undertaken the four step initiative to engage, educate, enact, and enforce data security laws in the Indian IT/ITES market. Apart from the ISO 27001 standards, BS7799 is another standard mostly adhered by the IT companies in India.
The Indian outsourcing have not only advanced in terms of service offerings but also have matured in terms of ensure data security when it comes to services. The outsourcing firms have a dedicated IT budget towards integrating security means with the processes and networks.
