You belong to which state of India? I ask for this information because it is important to check whether Industrial Standing Orders Acts of your state covers IT/BPO companies as well. Govt of Karnataka has exempted IT/BPO companies from this act. What about your state?
If the Industrial Standing Orders are applicable to IT/BPO sector of your state then I recommend you formulating standing orders. Include the additional paragraph on data security, rules for data protection etc. Instead of separate policy, if you include security provisions in the standing orders itself, it will be easier for you to take action for misconduct arising out of breach of security. Since the standing orders are approved by labour commissioner, obviously these carry more weight than some policy.
From India, Bangalore
It is the prerogative of the Employer to frame the Rules to regulate / Govern the smooth Functioning / Operation of the Establishment which invariably / inevitably includes protection / secrecy of Data generated/created and maintained / archived in the business interests of the Organization.
Draft a to-the-point comprehensive Policy defining with sufficient precision as to what shall constitute Safety of Data and inter alia what shall be deemed as Data Pilferage/theft as well as prescribe punishment for misuse or theft or misappropriation or unauthorized usage in any form whatsoever without prior written permission of the Employer and uniformly enforce compliance.
( Employer / Head of Institution is the person who has the ultimate control over the affairs of the Establishment / Undertaking)
Is your Establishment registered as Establishment under the provisions of the Shops & Establishment Act and the Rules applicable to the State of Goa?
Kritarth Team is ready to render any service in this regard
Bengaluru Service Centre email@example.com firstname.lastname@example.org
From India, Delhi
From India, Madgaon