The Implementing Regulations were issued on 7 September 2023 and provide detailed guidance on various PDPL requirements. They include provisions for privacy policies, data breach notifications within 72 hours, Data Protection Impact Assessments for high-risk processing, and specific requirements for continuous and large-scale processing of personal data. The regulations also address data controller obligations for disclosure to public authorities, advertising and direct marketing consent requirements, and technical measures for data security including pseudonymization.
Health Data Management Policy (under Ayushman Bharat Digital Mission)
July 11, 2025
ABDM participants must comply with the Health Data Management Policy. Healthcare laws include the Clinical Establishments Act, National Medical Commission Act provisions requiring physician confidentiality,
