THE AADHAAR (DATA SECURITY) REGULATIONS, 20161 — THE AADHAAR (TARGETED DELIVERY OF FINANCIAL AND OTHER SUBSIDIES, BENEFITS AND SERVICES) ACT, 2016

THE AADHAAR (DATA SECURITY) REGULATIONS, 20161 [Updated as on 15.2.2024] In exercise of the powers conferred by clause (p) of subsection (2) of section 54 of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act; 2016, the Unique Identification Authority of India makes the following Regulations; namely: 1. Short title and commencement:- (1) These regulations may be called the Aadhaar (Data Security) Regulations, 2016. (2) These Regulations shall come into force on the date of their publication in the Official Gazette. 2. Definitions: (1) In these regulations, unless the context otherwise requires, a) cAct"> means the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act; 2016 (18 of 2016); "Authority" means the Unique Identification Authority of India established under sub- section (1) of section 11 of the Act; "Central Identities Data Repository" or "CIDR" means a centralised database in one Or more locations containing all Aadhaar numbers issued to Aadhaar number holders along with the corresponding demographic information and biometric information of such individuals and other information related thereto; ~enrolling agency" means an agency appointed by the Authority o Registrar, as the case may be, for collecting demographic and biometric information of individuals under this Act; ~information security policy" means the policy specified by the Authority under regulation 3 of these regulations; 'personnel" means all officers, employees, staff and other individuals employed or engaged by the Authority or by the service providers for discharging any functions under the Act; g "registrar" means any entity authorised Or recognised by the Authority for the purpose of enrolling individuals under this Ac