The state government of Kerala issued security guidelines in data collection for COVID-19 practices and procedures after Sprinklr controversy.
In one of the orders of the Kerala government, all data collection processes ‘should strictly comply with the Information Technology Rules issued by the Central Government. Chief Secretary Tom Jose stated that the High Court expressed concern over the data confidentiality of patients.
The information gathered from the infected patients should remain anonymous before allowing access to U.S. company Sprinklr Inc. India’s High Court instructed the state government to inspect and explore the submission of information to Sprinklr.
The Ministry of Information and Technology is capable of providing similar services offered by Sprinklr. The High Court later on informed that collection and processing of data will go through State Data Centre (SDC).
“Certain issues have been raised in the public domain on arrangements made with the above US-based company was in accordance with [the] procedure and done after taking necessary safeguards to protect the privacy of citizens,” said Chief Minister Pinarayi Vijayan.
The Kerala government appointed a two-member committee consisting of top bureaucrats to submit a report on patients’ data management.
The Department of Information Technology in April initiated the set up of data collection and analytics platform to meet the security requirements stated by the government. The collection of personal data is strictly monitored and government agencies examine the data processing.
Sprinklr Controversy
In the last month, the government repeatedly denied any wrongdoing in engaging with US Sprinklr in accessing citizens’ data and information. The state government said it had contracted Sprinklr as an ‘emergency measure’ to analyze and organize citizens’ data to understand how the pandemic would ‘behave’ in Kerala.
However, the Opposition dragged the government in High Court saying ‘it had used the outbreak as a cover to allow the US-based firm to harvest and monetize medical information.’
The government was able to address the points raised in the court and insisted that the collection of personal data of citizens was legally recorded because of consent. The Opposition said that citizens should be informed about the purpose of the collection.
The Kerala High Court passed an order on April 24, 2020, expressing data confidentiality under the contract between the Kerala government and Sprinklr Inc. The court said the government should take prior consent from citizens that their data can be accessed by third-party service providers.
