[
II- खÖड 3(i)]
ğ:
MINISTRY OF COMMUNICATIONS AND INFORMATION TECHNOLOGY
(Department of Information Technology)
NOTIFICATION
New Delhi, the 11th April, 2011
G.S.R. 313(E).—In exercise of the powers conferred by clause (ob) of subsection (2) of section 87 read with section 43A of the Information Technology Act,
2000 (21 of 2000), the Central Government hereby makes the following rules,
namely.-1. Short title and commencement — (1) These rules may be called the
Information Technology (Reasonable security practices and procedures and
sensitive personal data or information) Rules, 2011.
(2) They shall come into force on the date of their publication in the Official
Gazette.
2. Definitions — (1) In these rules, unless the context otherwise requires,-(a) "Act" means the Information Technology Act, 2000 (21 of 2000);
(b) "Biometrics" means the technologies that measure and analyse human body
characteristics, such as 'fingerprints', 'eye retinas and irises', 'voice patterns',
"facial patterns', 'hand measurements' and 'DNA' for authentication
purposes;
(c) "Body corporate" means the body corporate as defined in clause (i) of
explanation to section 43A of the Act;
(d) "Cyber incidents" means any real or suspected adverse event in relation to
cyber security that violates an explicitly or implicitly applicable security policy
resulting in
unauthorised
access,
denial
of
service
or
disruption,
unauthorised use of a computer resource for processing or storage of
information or changes to data, information without authorisation;
(e)
"Data" means data as defined in clause (o) of sub-section (1) of section 2 of
the Act;
(f)
"Information" means information as defined in clause (v) of sub-section (1) of
section 2 of the Act;
(g) "Intermediary" means an intermediary as defined in clause (w) of sub-section
(1) of section 2 of the Act;