🇮🇳 DPDP Act DPDP-16 · Rule: DPDP-016 · high

Data Retention Compliance

Description

Data must be retained only as long as necessary and deleted promptly when it is no longer required.

⚠️ Risk Impact

Over-retention creates compounding breach exposure and DPDP non-compliance.

🔍 How EchelonGraph Detects This

DPDP-016: Automated scanner rule

EchelonGraph's Tier 1 Cloud Scanner automatically checks for this condition across all connected cloud accounts. Violations are flagged as high-severity findings with remediation guidance.

🔧 Remediation

Deploy automated lifecycle rules. Document the retention period for each data category. Use cryptographic erasure for data that is encrypted at rest.
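
The remediation items above expressed as checks, added here as an illustration (this is not EchelonGraph's scanner logic). The retention schedule, store inventory, field names and finding codes are all constructed for the example, and it assumes backups are point-in-time copies kept for `backup_days` after they are taken.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed retention schedule: data category -> maximum retention in days.
RETENTION_SCHEDULE = {"kyc_documents": 1825, "support_uploads": 365, "web_logs": 90}

@dataclass
class Store:
    name: str
    category: Optional[str]      # data category tag; None if the store is untagged
    expire_days: Optional[int]   # lifecycle expiration; None if no rule exists
    backup_days: Optional[int]   # how long each backup is kept; None if no backups
    encrypted_at_rest: bool
    dedicated_key: bool          # key protects only this store (assumed inventory field)

def audit(store, schedule=RETENTION_SCHEDULE):
    """Return a sorted list of finding codes for one store."""
    limit = schedule.get(store.category)
    if limit is None:
        return ["NO_DOCUMENTED_RETENTION"]
    findings = []
    if store.expire_days is None:
        findings.append("LIFECYCLE_RULE_ABSENT")
    elif store.expire_days > limit:
        findings.append("LIFECYCLE_EXCEEDS_SCHEDULE")
    # A record deleted on its last day is still in the backup taken that day,
    # so its worst-case lifetime is expire_days + backup_days.
    elif store.expire_days + (store.backup_days or 0) > limit:
        findings.append("BACKUP_RETENTION_MISALIGNED")
    # Destroying a key shared with other data erases more than this store,
    # so cryptographic erasure needs a key scoped to the store.
    if store.encrypted_at_rest and not store.dedicated_key:
        findings.append("SHARED_KEY_BLOCKS_CRYPTO_ERASURE")
    return sorted(findings)

# Constructed inventory, not real scan output.
INVENTORY = [
    Store("kyc-prod", "kyc_documents", 1825, 35, True, True),
    Store("uploads", "support_uploads", None, 30, True, False),
    Store("logs", "web_logs", 60, 30, True, True),
    Store("scratch", None, 30, None, False, False),
]

def audit_all(inventory=INVENTORY):
    """Map each store name to its findings."""
    return {s.name: audit(s) for s in inventory}

if __name__ == "__main__":
    for name, findings in audit_all().items():
        print(f"{name}: {', '.join(findings) or 'compliant'}")
```

The `kyc-prod` store shows the misaligned-backup pitfall: its lifecycle rule matches the schedule exactly, yet the backups keep records alive for 35 days past it.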

💀 Real-World Attack Scenario

A company retained user-uploaded documents indefinitely. A breach exposed 12 years of files. The DPDP penalty included an over-retention factor; ₹140 crore.

💰 Cost of Non-Compliance

Retention violations: ₹50-₹100 crore.

📋 Audit Questions

  • 1. Lifecycle rules per category?
  • 2. Cryptographic erasure?
  • 3. Backup retention aligned?

⚡ Common Pitfalls

  • Lifecycle rules absent
  • Backup retention misaligned

📈 Business Value

Minimized retention reduces breach scope.

⏱️ Effort Estimate

Manual: Lifecycle rules deployment

With EchelonGraph: EchelonGraph monitors retention compliance

🔗 Cross-Framework References

GDPR-Art17
