+91 (120) 4585437mail@sethassociates.com

Contact Us

Search
TwitterYouTube
Seth Associates
Seth Associates
Advocates and Legal Consultants
Monday – Friday 10 AM – 8 PM
  • Home
  • About Us
    • Firm Overview
    • Our Professionals
  • Firm Experience
    • Firm Experience
    • Representative Projects
  • Partner Profile
  • Practice Areas
    • Corporate & Business Laws
    • Cyber Law and E-security India
    • Intellectual Property Laws
    • Media and Entertainment laws
    • Launch of Products & Services
    • International Trade & Anti Dumping Laws
    • Litigation
    • Arbitration & ADR
    • Real Estate
    • Employment Laws
    • Matrimonial & Family Laws
    • Banking, Finance & Insurance
    • Taxation
    • Projects
    • Legal Process Management Services
  • Client Experience
    • What Others Say About Us
  • Publications
    • Press Room
    • Media Interviews
    • Media Interviews Videos
    • Seminars & Lectures
    • Seminars & Lectures Gallery
    • Articles
    • Publications
    • Events
    • Newsletter
    • India Business Guide
  • Contact Us
  • Home
  • About Us
    • Firm Overview
    • Our Professionals
  • Firm Experience
    • Firm Experience
    • Representative Projects
  • Partner Profile
  • Practice Areas
    • Corporate & Business Laws
    • Cyber Law and E-security India
    • Intellectual Property Laws
    • Media and Entertainment laws
    • Launch of Products & Services
    • International Trade & Anti Dumping Laws
    • Litigation
    • Arbitration & ADR
    • Real Estate
    • Employment Laws
    • Matrimonial & Family Laws
    • Banking, Finance & Insurance
    • Taxation
    • Projects
    • Legal Process Management Services
  • Client Experience
    • What Others Say About Us
  • Publications
    • Press Room
    • Media Interviews
    • Media Interviews Videos
    • Seminars & Lectures
    • Seminars & Lectures Gallery
    • Articles
    • Publications
    • Events
    • Newsletter
    • India Business Guide
  • Contact Us

Dr lal pathlabs data leak-legal opinions on liabilities, punishments ,penalty-the 420.in, 10 oct 2020

New Delhi: In one of the biggest medical data leak in India, Dr Lal PathLabs, among the country’s largest diagnostic chains, left data of millions of customers exposed in an unprotected cloud server.

Cybersecurity expert from Melbourne claimed that the data was exposed for around a year and he estimates the number of patients whose data was exposed could run to millions.

The matter of concern is that open data is sensitive information which includes booking details, names, gender, addresses, phone numbers, email addresses, digital signatures, limited payment details, doctor details and details of the tests taken. A large chunk of data was also related to Covid-19 patients. Dr Lal PathLabs was among the few private players which got approval for testing coronavirus patients.

Also read: Dr Lal PathLabs data leak: Fine up to Rs 5 crore can be imposed as millions of patients at risk

The company now claims that the loophole has been patched but there is no explanation about the magnitude of information leaked online. With sensitive personal data leak happening every now and then, The420 team spoke to legal and cyber experts to find out legal liabilities and punishment in such cases.

All the cyber experts unanimously said it is the companies’ responsibility to ensure the safety of their customers’ data. Patching the loophole is the bare minimum expected from them. Experts highlighted that private companies are not serious about data protection which can also be gauged by the amount they spend on its security.

Explaining the legal action in such cases, Delhi based senior lawyer Karnika Seth said, “Section 43 A of the IT Act, 2000 requires companies to safeguard personal data and personally sensitive data. Health records are sensitive data. ISO 27001 certification is one of the standards required to comply with extant data protection measures.”

Explaining other legal provisions in such cases, Mumbai based Dr Prashant Mali, Cyber & Privacy Expert Lawyer said, “Section 85 of the IT Act, 2000 deals with the offence by companies and Section 72A deals with a contractual data breach. The law is stringent implementation after 19 years of law in force is pathetic and no awareness.”

Section 43 A of the IT Act, 2000 requires companies to safeguard personal data and personally sensitive data. Health records are sensitive data. ISO 27001 certification is one of the standards required to comply with extant data protection measures – Karnika Seth, cyberlaw expert.

Seth highlighted that there could be a criminal liability if such breach took place with intention or knowledge of directors pursuant to section 85 of the IT Act. Personal Data Protection (PDP) Bill is still underway. It’s imperative that the bill gets enacted to create a stronger privacy protection regime in India. “There are stricter compliance norms and punishments prescribed by PDP bill, damages up to 4 per cent of total worldwide turnover or 15 Crores,” said Karnika Seth, who is a cyberlaw expert and visiting faculty to National Police Academy and National Judicial Academy, CBI Academy and the National Investigation Agency.

Right to privacy is a fundamental right as per the Supreme Court of India’s nine bench judgment in KS Puttaswamy case.

Reference: https://www.the420.in/dr-lal-pathlabs-data-leak-legal-opinions-on-liabilities-punishments-penalty-the-diagnostic-chain-might-face/

Service Areas
  • Corporate & Business Laws
  • Cyber Laws
  • Intellectual Property Laws
  • Media and Entertainment laws
  • Launch of Products & Services
  • International Trade & Anti Dumping Laws
  • Litigation
  • Arbitration & ADR
  • Real Estate
  • Employment Laws
  • Matrimonial & Family Laws
  • Banking, Finance & Insurance
  • Taxation
  • Projects
  • Legal Process Management Services
India Business Guide
  • License under Food Safety And Standards Act
  • Information Technology Amendment Bill 2008
  • Registration of Designs in India
  • legal system in India
  • Notarisation and apostillisation in india
  • Antidumping law in India
  • Incoterms 2000: Free on Board
  • Procedure for registration of patent in India
  • Copyright in India -Referencer
  • Legal Review for Property Purchase Transactions
  • Product liability law In india
  • Foreign Direct Investment In Real estate in India
View More
Seth Associates

Seth Associates

Corporate Law Office
721, Tower-B, Advant Navis Business Park,
Plot No. 7, Sector 142, Expressway, NOIDA-201301 (U.P.),India
Phone: +91 (120) 4585437
Mobile: +91 9810155766, +91 9868119137

New Delhi Law Office
C-1/16, Daryaganj, New Delhi-110002, India
Phone:+91 (11) 43559488
mail@sethassociates.com

Disclaimer | Privacy Policy | Terms of Service | Sitemap