Section 23 in Andhra Pradesh Core Digital Data Authority (Effective Delivery of e-Services) Act, 2017
23. Security and Confidentiality of information.
(1)The Authority shall ensure the security of core digital data Security and and authentication records of the same. Confidentiality of information.(2)Subject to the provisions of this Act, the Authority shall ensure confidentiality of core data and authentication records of core entities, unless such information has been declared as public record by the law for the time being in force.(3)The Authority shall take all necessary measures to ensure that the information in the possession or control of the Authority, including information stored in the Core Digital Data Repository, is secured and protected against access, use or disclosure not permitted under this Act or regulations made thereunder, and against accidental or intentional destruction, loss or damage.(4)Without prejudice to sub-sections (1) and (2), the Authority shall,-(a)adopt and implement appropriate technical and organisational security measures;(b)ensure that the agencies, consultants, advisors or other persons appointed or engaged for performing any function of the Authority under this Act, have in place appropriate technical and organisational security measures for the information; and(c)ensure that the agreements or arrangements entered into with such agencies, consultants, advisors or other persons, it-lipase obligations equivalent to those imposed on the Authority under this Act, and require such agencies, consultants, advisors and other persons to act only on instructions from the Authority.(5)Notwithstanding anything contained in any other law for the time being in force, and save as otherwise provided in this Act, the Authority or any of its officers or other employees or any agency that maintains the Core Digital Data Repository shall not, whether during his service or thereafter, reveal any information stored in the Core Digital Data Repository or authentication record to anyone:
