Correct!
ANSWER: C. The
new Rules impose a number of additional obligations on organizations
at the point of collection of any data. Individuals must
be made aware of the fact that their data is being collected,
the purpose for which the data is collected, the intended
recipients of the data and the contact details of both the
agency collecting the data and the agency that will retain
the data. Further, all data is subject to a restriction
on any processing for secondary purposes. It must be processed
only for the purpose for which it was collected.
In
early 2011, the Government of India's Ministry of Communications
& Information Technology adopted new privacy regulations,
known as the Information Technology (Reasonable Security
Practices and Procedures and Sensitive Personal Data or
Information) Rules, 2011 (the "Rules"). These Rules impose
wide-ranging obligations on any "body corporate" (company)
that "collects, receives, possesses, stores, deals or handles"
personal information. There are now greater restrictions
on data collection and processing. At the point of collection
of any personal data, individuals must be made aware of:
A.
The date that their data is being collected;
B.
Their right to review all data collected before it is passed
on to its intended recipients;
C.
The contact details of both the agency collecting the data
and the agency that will retain the data; or
D.
The fact that all data is no longer subject to a restriction
on any processing for secondary purposes.
|