HomeLatest NewsCyber SecurityDPDP rules signal need for stronger AI access controls, says Saviynt’s Nitin Varma
Cyber Security

DPDP rules signal need for stronger AI access controls, says Saviynt’s Nitin Varma

Tech Observer Desk
By Tech Observer Desk
Updated On
Listen . 1 min
Make us preferred on Google

Following the government’s notification of rules to operationalise the DPDP Act, Nitin Varma said identity and access governance must be central to AI deployments to ensure accountability and real time oversight.

Nitin Varma, SVP & MD, India & SAARC, Saviynt
Nitin Varma, SVP & MD, India & SAARC, Saviynt
Preferred Source of Google

Exclusive

The government’s notification of rules to operationalise the Digital (DPDP) Act has prompted fresh discussion on the need for stronger identity and access controls in artificial intelligence systems, according to a senior industry executive.

The rules, issued this week, give practical effect to the DPDP Act and outline compliance requirements for organisations that handle personal data. They also specify the rights available to individuals. Implementation will take place in phases.

In the backdrop of the notification, Nitin Varma, Senior Vice President and Managing Director for and SAARC at Saviynt, said the development coincides with a shift in access governance is viewed in AI deployments.

Advertisement
EVENT
Saksham Bharat 2026
Saksham Bharat 2026
A multi-stakeholder dialogue on skilling gap in Cybersecurity, Data Resilience and AI — and the roadmap to a Saksham Bharat.
📅 Tue, 26 May 2026
📍 Mumbai, Bengaluru, Delhi
Register Now →
EVENT
VeeamON 2026 Tour India - Mumbai
VeeamON 2026 Tour India - Mumbai
A VeeamON 2026 India Leadership Series Mumbai for senior public sector and government technology leaders.
📅 Tue, 26 May 2026
📍 Grand Hyatt, BKC
Register Now →
EVENT
Cyber Surakshit Uttar Pradesh
Cyber Surakshit Uttar Pradesh
Find out strategies, frameworks and solutions for building a resilient and secure digital ecosystem across Uttar Pradesh.
📅 Thu, 28 May 2026
📍 Lucknow
Register Now →
EVENT
VeeamON 2026 Tour India - Bengaluru
VeeamON 2026 Tour India - Bengaluru
A VeeamON 2026 India Leadership Series Bengaluru for senior public sector and government technology leaders.
📅 Wed, 03 Jun 2026
📍 JW Marriott Hotel
Register Now →
EVENT
VeeamON 2026 Tour India - Delhi
VeeamON 2026 Tour India - Delhi
A VeeamON 2026 India Leadership Series Delhi for senior public sector and government technology leaders.
📅 Fri, 19 Jun 2026
📍 Shangri-La Eros
Register Now →
EVENT
Infosec Reimagined
Infosec Reimagined
Infosec Reimagined 2026 is the premier information security summit where top leaders—CISOs, CROs, CIOs, CTOs and risk executives—converge to redefine cyber resilience.
📅 Fri, 26 Jun 2026
📍 New Delhi
Register Now →
EVENT
Digital Senate
Digital Senate
Digital Senate is a premier conference uniting government leaders, technologists and innovators to share ideas, success stories and strategies on digital governance, public sector transformation, cybersecurity and emerging technologies in India.
📅 Thu, 30 Jul 2026
📍 New Delhi
Register Now →
EVENT
CIO Prism
CIO Prism
CIO Prism unites forward-thinking technology leaders to exchange transformative insights, shape digital strategies, and foster innovation, empowering enterprises to excel in an era of rapid technological change.
📅 Fri, 18 Sep 2026
📍 Goa
Register Now →

“India’s new AI Governance Framework signals a decisive shift, identity and access governance is now a national level priority for safe and responsible AI,” Varma said.

He said that as organisations use AI in decision making and mission critical functions, risks are linked not just to data but to the access privileges granted to people, systems and autonomous agents.

“As organisations embed AI into core decision making and mission critical workflows, the real challenge is not model sophistication but ensuring that only the right people, systems and autonomous agents receive the right level of access for the right purpose at the right time and can be held accountable for how that access is used,” he said.

Advertisement

Varma added that conventional access controls are not built for the speed and automation associated with AI.

“Traditional periodic controls were not designed for the , scale and autonomy that AI environments demand,” he said.

He said companies will need identity platforms that provide continuous oversight and real time policy enforcement as AI systems become more integrated into enterprise operations.

Advertisement

“Indian enterprises will now require converged intelligence driven identity platforms that offer continuous assurance, real time policy enforcement and AI led risk detection,” he said.

Varma said the combination of the DPDP rules and the government’s AI governance approach should prompt organisations to reassess how identity is managed as part of digital transformation.

“This is a pivotal moment for organisations to modernise identity governance and build a secure innovation ready foundation for AI,” he said.

ALSO READ

Get the day's headlines from Tech Observer straight in your inbox

By subscribing you agree to our Privacy Policy, T&C and consent to receive newsletters and other important communications.
Make us preferred on Google
Tech Observer Desk
Tech Observer Desk
Tech Observer Desk at TechObserver.in is a team of technology reporters led by a senior editor who brings latest updates and developments from the world of technology.
- Advertisement -
Powered By Veeam Logo
- Advertisement -

Subscribe to our Newsletter

By subscribing you agree to our Privacy Policy, T&C and consent to receive newsletters and other important communications.
- Advertisement -

Latest in TECH

Tech Observer Desk

India flags off Suryastra, its first 300 km rocket launching system

India flagged off Suryastra, its first indigenous 300 kilometre range rocket launching system, at a new private sector defence complex in Shirdi. The facility will manufacture missiles, artillery and autonomous defence platforms.

RELATED ARTICLES