What is a Significant Data Fiduciary (SDF)?
The government may designate certain Data Fiduciaries as SDFs based on volume, sensitivity, risk, or public interest; SDFs face enhanced duties including a DPO and periodic audits.
Section 10 obligations include appointment of a Data Protection Officer, independent audits, and DPIA-style assessments as rules prescribe.
Even if not yet designated, high-risk processors should adopt SDF-grade controls proactively.