Care of personal Information (Part-9)
An organization is mandated to make reasonable efforts to make sure the information it has is accurate and complete and in order for its protection it must make reasonable security arrangements to prevent unauthorized access.
The organization must retain the information for at least 1 year after using it. Personal information must be destroyed or removed as soon as it is not necessary for legal or business purposes.
Commissioner (Part 10)
This act makes the Commissioner responsible for monitoring and ensuring the administration of this act and confers several powers like-
- Initiating investigation and audists to ensure compliance on complaints being made.
- Inform public about the act and receive comments from public about the administration of the act
- Comment on the implication for protection of personal information of programs proposed by organization
- Bring any failure to the attention of the organization etc.
Powers of Commissioner
- Power to authorise organization to regard requests
- Power to conduct investigation, audits or inquiries
- Maintenance of order at hearings
- Contempt proceedings for uncooperative person
- Commissioner or any person acting under him is immune to give evidence except when the matter is related to perjury, prosecution for an offence under the act or application for judicial review or appeal
- Protection against libel or slander actions
- Power to delegate any person any duty