With India’s May 2027 deadline for the Digital Personal Data Protection Act approaching, major IT firms including Infosys, Wipro, SAP, and TCS are tightening their compliance frameworks. The push goes beyond policy updates: governance is being upgraded, incident response is getting stronger, and data protection controls are being embedded directly into product and system architecture to meet DPDP demands.
India’s government is reportedly considering a limited exemption for early-stage startups from some compliance requirements under the proposed Digital Personal Data Protection (DPDP) bill. The rationale: easing pressure from data-handling obligations that could stifle startups while they develop data models and solutions. The DPDP draft also details strong penalties for breaches and proposes removing compensation provisions from the IT Act.
Your news, in seconds
Get the Beige app — every story in 60 words, updated hourly. Free on iOS & Android.
Swipe through stories, personalise your feed, and save articles for later — all on the app.
