Excerpt from The Economic Times Article, Published on March 16, 2026
India’s Global Capability Centres (GCCs) are still in the early stages of implementing the DPDP framework, even as the compliance deadline continues to move closer. Experts say many organizations are currently conducting internal assessments and preparing their data governance strategies rather than fully deploying compliance systems.
The DPDP Act, formally known as the Digital Personal Data Protection Act, aims to strengthen data privacy practices across organizations that collect and process personal information in India. The law provides companies with a 14 – month window to prepare their systems, policies, and internal controls for regulatory compliance. However, industry specialists indicate that only a limited number of firms have progressed beyond the initial planning phase.
India hosts nearly 1,700 to 1,800 Global Capability Centres, which serve as operational hubs for multinational companies. These centers often handle large volumes of global data across functions such as analytics, finance, human resources, and technology services. Because of this scale, aligning internal processes with DPDP requirements can be complex.
One of the main challenges involves identifying where personal data resides across multiple systems. Many GCCs manage data that originates from several jurisdictions, which makes classification and segregation a critical step in compliance preparation. Experts also point out that companies that previously complied with international privacy regulations such as GDPR cannot automatically assume that those controls will fully satisfy India’s data protection requirements.
Organizations are therefore focusing on data mapping, consent management frameworks, and internal privacy governance to prepare for the regulatory changes. Compliance specialists believe the coming months will see increased investment in data protection tools and governance processes as companies accelerate their preparation efforts.
The evolving regulatory landscape highlights the growing importance of structured data governance and privacy risk management for organizations operating in India’s technology ecosystem.
To delve deeper into this topic, visit The Economic Times
