External DPO service providers, whilst offering valuable benefits to the organisation, are not a one stop shop for privacy and data protection compliance. Companies must still maintain robust data protection policies, promote good data protection practices and generally uphold the data protection principles.
India’s DoT now requires outsourcing providers in India to capture and store certain call records and system logs at their Indian delivery centers. Outsourcing customers should evaluate their agreements to ensure their information and that of their customers is safeguarded while complying with obligations under the Guidelines.
Outsourcing business model creates a reliance on third parties and increases security risks as more companies have access to the same information that was previously kept within a company.