The Personal Data Protection Bill,2019 states that "Personal Data shall not be processed unless on the consent given by the data principal at the commencement of its processing". Also the Bill says that Personal Data cannot be processed by anyone, expect for any clear, specific and lawful purpose.
This Bill has opened up new challenges for forensic auditors who want access to personal data like bank details, emails, health and medical insurances etc, for the auditing purposes. Forensic auditors,who does forensic audit carry out investigation of the auditee company's records including hard drives, laptop and desktop computers as well. The hard drives might contain both personal and official information. The forensic auditors need to skim through to find out what they actually require. The Personal Data Protection Bill prohibits this.
According to the Bill, the person whose data is used has to give explicit permission for each use and that the Burden of proof that consent has been sought from the person for use of his or her data lies with the person processing the data, making the forensic auditors more liable.
It is said that that a formal consent may affect the element of secrecy in the process. Moreover auditors warn about a lot of issues that might arise under the proposed Data Protection Bill. This Bill pose a hindrance to the forensic auditing process and it is said that the hindrance to the Forensic Audit may affect the ethical ecosystem of the company as a whole
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.