India’s booming IT and BPO industry sets up an independent watchdog — Self Regulatory Organization (SRO) — to monitor and enforce privacy and data-security standards. The organization is backed by Nasscom, the country’s association of software services companies.

The organization will give accreditation to IT firms on various standards, and will impart training and education to its members.

The organization will certify that member companies meet data security standards’ model designed to prevent incidents such as in June last year when an employee of global banking giant HSBC in Bangalore was charged with draining $460,000 from 20 British account holders.

“We will not make the regulation mandatory for anyone but will give appropriate inducements to IT firms so that they adhere to the statutory regulations set by the SRO. And if they do not confirm to it, they will get a letter of non-accreditation, which will affect their business,” says Shyamal Ghosh, the newly appointed Chairman of the SRO.

Nasscom has been actively taking various initiatives in the area of data security. The National Skills Registry launched by them in January 2006 was a major step toward offering greater security to overseas customers. It is a centralized and verified database of employees of the IT services and BPO companies with independent background checks of human resources within the country. Registrations have touched the 1,00,000 mark in about a year.

Nasscom has also set up cyber crime investigation units in various places in India, including Mumbai and Bangalore, which train police personnel to handle IT-related crimes.