Data Privacy And Cyber Security Policies Shaping The Legal Outsourcing Landscapes In India
Many companies wanted to outsource legal support services to Indian offshore vendors, but they were reluctant, there was an inherent fear that the sensitive data and information, shared for business purposes, might be stolen or compromised.
Data Privacy Rules
In 2011, India’s Ministry of Communications and Information Technology enforced new privacy regulations under the Information Technology Act, 2000. These privacy regulations were known as Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011. The law was brought into force immediately and resulted in significant ramifications in the way other companies did business in India. The client advisory holds the review and description of this law. This new law sent across a message to the companies who wanted to outsource services to India.
This law, which was aimed at ensuring improved data security, imposes both civil liability and criminal punishment if the privacy of clients is breached. According to the law, no personal data or information can be disclosed without a written consent from the client. It is also necessary to disclose any resultant, wrongful gains or losses in a contract. The laws in India are even more stringent than that in the west, and if an Indian LPO fails to provide due security and confidentiality of client data, it is considered as a criminal activity and the LPO Company is subject to civil and criminal liabilities and sanctions.
Initially when the law was enforced, several LPO firms feared that the cumbersome formalities of getting a written consent from the clients every time data needs to be availed, might be a deterrent and clients might refrain from engaging an Indian LPO.
However, these fears proved to be totally unfounded. “The collection of personal data abroad by Indian companies will not come under the new rules, because Indian companies will be collecting this data on behalf of the customer who is abroad and governed by laws in his country" quoted by Mr Kamlesh Bajaj, CEO, Data Security Council of India. This means that data can be easily and seamlessly shared between client and the legal support services provider, however from this point onwards, any kind of data transaction, distribution, data leakage and theft of client information is governed by stringent laws in India.
In this scenario, it has become mandatory for Indian outsourcing organizations to be prudent when disclosing client data or any other proprietary information of their clients.
Consequently, in last few years, the information technology industry in India has also grown in leaps and bounds. Hence, enforcement of Cyber Security in order to protect the sensitive information that is shared online was the next plausible step.
National Cyber Security Policy
In July 2013, National Cyber Security Policy was put in practice with an intention of curbing cyber crimes and improving cyber security.
The Policy Lists Several Actionable Items Like:
# Companies should be encouraged to designate a chief information security officer who is responsible for cyber security
# Sensitive areas like cloud computing, social media and mobile computing should be made secure by developing legal framework that addresses cyber security concerns across these platforms.
# Global collaboration and cooperation should be improved, in order to determine the best cyber security practices and prevent data theft
# Higher level of development in cyber security measures should be encouraged, by promoting research, fostering education and conducting training programs.
The then, Communications and information technology minster, in India, Mr Kapil Sibbalhad pointed out that putting this policy into practice would be challenging. He also opined that it was imperative to make sure that this did not cause any kind of disruption that destabilizes the economy.
This policy will not just affect the LPO sector but will also prove to be pivotal in catalyzing the growth of BPO, KPO and the IT sector.
Future of LPO and The Growth Prospects
Experts have predicted that the LPO industry will grow by 1.3 billion USD in 2015. According to a US based research firm, Forester, Legal Process Outsourcing in India can bring around $4 billion in the next 10 years. The Indian LPO market has grown 27.7% from 2010 to 2014 and is poised to become a major sector for outsourcing in the coming years.
Every year the number of individuals graduating as professional lawyers is also exponentially increasing. More and more law graduates are seeking jobs in India based LPO.
LPO organizations hence have a harmonious combination of seasoned lawyers who have experience by their side, and the new age young law graduates who are technology savvy, proactive and fearless. Due to these advantages, experts think that it is very tough for LPO organizations from other Asian countries to compete with the Indian counterparts.
The potential of Indian LPO organizations is enormous and international law firms, corporate legal departments and legal counsels are eager to tap these potential togain optimum benefits. Some of the most popular legal support services outsourced to India include research support, eDiscovery services, contract drafting and revising, contract, management, Litigation support and legal research to name a few.
To conclude, we can say that, now the overseas law firms and corporate legal departments are assured that there are stringent privacy laws and cyber security policies governing the LPO in India.
As a result, Indian LPO organizations are increasingly attracting legal support work from overseas. Clients often send across representatives to audit the LPO operational centers, and after due diligence outsource their requirements.
Often the association between a client and a LPO organization starts with a single project and moves on to a strategically formed partnership that mutually benefits both the parties.
Snehi Kumari is Legal Process Manager at HiTechLPO.com. Having comprehensive insight and exposure to streamlining internal procedures; quality control methodologies; and broad areas of project management. Capable of handling administrative functions and sensitive projects effectively.
Having strong leadership and organizational skills and ability to handle work under pressure to meet deadlines on all litigation support solutions required.
# isrj.net/ArticleFullText. aspx?ArticleID=4339
The author can be reached at: firstname.lastname@example.org