| Day 1 – October 3rd, 2023 Data Security Council of India (DSCI) |
| 08.00 am | Registration | Information about the session |
| 09.00 – 09.30 am | Welcome Address and context setting | |
| 09.30 – 11.00 am | Foundational Workshop (75-minute session + 15 Q/A) | Educate participants about data protection principles and basic technical concepts relevant to data management principles. Topics include privacy, data protection, proportionality principles, consent framework, and cybersecurity standards. After completion of this session, participants will have knowledge about common data protection principles, data protection vocabulary, basic technical concepts and cybersecurity principles. |
| 11.00 – 11.20 am | Tea break | |
| 11.20 – 12.50 pm | Legal and Compliance (75-minute session + 15 Q/A) | Educate participants about the laws and rules that a medical practitioner may engage with. Topics include introduction to basic legislative process in the Parliament; Data Protection laws and policies in India; Role of the National Health Authority, CERT-IN, Ministry of Health and Family Welfare in Health Data Management and cybersecurity measures; Health data governance around the world, particularly the GDPR, HIPPA, among others. After completion of this session, participants will have a holistic view on the enacted and upcoming laws relevant to health data, the Digital Personal Data Protection Act, 2023’s impact on hospitals and medical practitioners, an overview of the key health data regulations in India, Constitutional provisions relevant to the session, and cybersecurity compliance in India. |
| 12.50- 01.50 pm | Lunch | |
| 02.00 -03.15 pm | Fireside Chat | An interaction with a lawyer to discuss any doubts or questions that participants may have. The lawyers will not give binding advice and any responses by the lawyer will not be construed to create a legal relationship of client and advocate. The lawyer will utmost help participants understand the best practices and/or clarify any law, rule, procedure or legal question. |
| 03.15 – 03.30 pm | Tea break | |
| 03.30- 05.00 pm | Situational Analysis (20-minute to complete the worksheet + 70-minute Q/A) | Educate participants through situational training on how health data should be collected, managed, and deleted. Training exercise may consist of a worksheet that will consist of hypothetical situations to which participants will answer how they would react. The hypothetical questions will be created based on a questionnaire circulated with CMC earlier. Once they complete the worksheet, they have the chance to evaluate their responses against answers displayed on screen and explained by professionals. After an explanation of each answer, participants may ask follow-up questions. After completion of this session, participants will gain practical insight about their role by applying theoretical knowledge on data protection to situations. |
| 05.15 pm | Conclusion of Day 1 | |