In the paper we highlight how different sectors fare on their data privacy and security strategy, investments on training their employees to protect data and adoption of security audits to bolster defences. Data clearly highlights the entire industry has lot of work to do in improving their institutional framework and in imparting training. Healthcare and Hospitality sectors stand-out as laggards and Hospitality is particularly concerning as the sector not only handles a lot of sensitive information of Indian but also global citizens, hence the sector at this point should have achieved GDPR compliance. To give benefit of doubt, it is entirely possible that the adoption of data security and privacy is much higher in Hospitality and Healthcare, only the disclosure standards are poor. Then again trust is gained through transparency and as the adage goes, if you have it flaunt it.