How to Stop Data Leaks Over Email in India: A 2026 Playbook
How to stop data leaks over email in India, with the four controls Indian SMBs actually need, what email DLP costs, and the DPDP penalty you are avoiding.
Compliance and regulation – DPDP Act, audit checklists, data disposal, IRDAI

By Priya Sharma, Compliance Lead, Sirius Star. Last verified 01 June 2026. DPDP Penalties for Indian SMBs: What You Actually Pay When Things Go Wrong. The short version: The headline cap is Rs.250 crore. The Data Protection Board does not start there for a 30-person company. It starts with proportionality. For an Indian SMB the…

By Priya Sharma, Compliance Lead, Sirius Star. Last updated 29 May 2026. A CIO at a 320-person Pune pharma logistics firm got a Tuesday-morning email from his top-3 BFSI customer’s vendor risk desk. Subject line, in plain English: “DPDP audit walkthrough scheduled, Wednesday next week, 11 AM”. Seven working days. His CEO was already CC’d,…

By Priya Sharma, Compliance Lead, Sirius Star. Last updated 27 May 2026. Two Sundays ago an IT-plus-admin head at a 120-person Mumbai garment exporter sent me a WhatsApp at 11:10 in the morning. His Company Secretary had emailed a Rs.84,000-plus-GST “DPDP onboarding kit”. The AGM was 25 working days away, with a 20-minute slot reserved…

By Priya Sharma, Compliance Lead, Secure Data Guard Practice, Sirius Star Enterprise Technologies. Last updated 26 May 2026. Last November a senior recruiter resigned from a 280-person Pune fintech NBFC. He carried five years of candidate emails, offer letters, and a CSV of every notice-period employee on his way out. The HR head only realised…

By Priya Sharma, Compliance Lead, Sirius Star. Last updated 24 May 2026. Last month an IT head at a Pune fintech texted me at 7:40 on a Sunday evening. The audit committee had moved the DPDP review forward by six weeks. He had fifteen minutes before dinner and the board memo was due Monday. He…

By Priya Sharma, Compliance Lead, Sirius Star. Last updated 18 May 2026. Last quarter we audited a 280-person Pune SaaS firm that ships analytics into both Indian fintechs and three EU logistics customers. Their CISO walked in with the line every Indian compliance lead is hearing right now: “We are GDPR-compliant, so DPDP is basically…

That is the actual job DPDP compliance for BFSI lands on, and the trade press never describes it that way. The Act looks like one regulation. In the BFSI seat it is the third overlapping circular in 18 months, all asking for similar controls written differently, and the auditor wants one operating model that closes…

A DPDP compliance checklist for an Indian mid-size company comes down to ten controls: appoint a DPO, classify your personal data, rewrite your consent flows, build a 72-hour breach drill, audit every vendor that touches user data, fix data retention, set up a deletion request workflow, lock down endpoint exit routes, document everything, and run…

By Priya Sharma, Compliance Lead, Data Loss Prevention practice. Last updated 19 April 2026. DPDP Act penalties India, ₹250 crore per violation under the 2027 enforcement regime. DPDP Act penalties India can reach ₹250 crore per violation, plus mandatory 72-hour breach notification. Most mid-size companies haven’t started compliance, but you have until May 13,…