24 Security safeguards

Bare Act

Section 24(1)

Every data fiduciary and the data processor shall, having regard to the nature, scope and purpose of processing personal data, the risks associated with such processing, and the likelihood and severity of the harm that may result from such processing, implement necessary security safeguards, including

(a) use of methods such as de-identification and encryption;

(b) steps necessary to protect the integrity of personal data; and

(c) steps necessary to prevent misuse, unauthorised access to, modification, disclosure or destruction of personal data.

Section 24(2)

Every data fiduciary and data processor shall undertake a review of its security safeguards periodically in such manner as may be specified by regulations and take appropriate measures accordingly.



  1. Section 24 is not applicable to "small entity" (Ref:Section 39(1))

    The contents of the website is provided "as is", without warranty of any kind, express or Implied, including but not limited to the warranties of merchantability, Fitness for a particular purpose and noninfringement. In no event shall the Authors or copyright holders or sponsorers be liable for any claim, damages or other Liability, whether in an action of contract, tort or otherwise, arising from, Out of or in connection with the website or the use or other dealings in the website.