Information security, privacy and confidentiality
Safeguarding confidential information is core to the services Deloitte member firms provide. Deloitte is committed to protecting client data and our own data, and to continually monitoring regulatory and legal requirements to ensure compliance.
Deloitte member firms’ approach is to work closely with clients so that we can support compliance with privacy and client confidentiality requirements as part of the provision of services. Deloitte goes to great lengths to remain secure, vigilant and resilient in order to remain trusted custodians of clients’ confidential information. To achieve this, Deloitte implements confidentiality, privacy and information security policies and standards.
EU General Data Protection Regulation
The EU General Data Protection Regulation (GDPR)—one of the most significant changes to European privacy laws in more than 20 years—entered into force in May 2018. The new regulation completely overhauled existing rules relating to the handling of personal data, significantly affecting businesses in all industry sectors.
Although the GDPR applies primarily to organizations established in the EU, it has a broader reach and sets a high bar for the protection of personal data globally.
Deloitte welcomes the new GDPR and the improved consistency of privacy and security requirements that it brings to the handling of personal data. Deloitte has comprehensive policies and procedures in place to protect personal and confidential information and to support compliance with relevant data protection requirements, including the GDPR.
The Deloitte Global Information Security team works with local Deloitte information security professionals around the world to help implement an aggressive strategy designed to:
- Create a cohesive, worldwide program with consistent, high-quality security services;
- Extend security tools worldwide for advanced protection of highly distributed data; and
- Reduce the risk of data loss through practitioner actions.
The Deloitte Global Privacy team provides guidance to member firm Privacy leaders who each implement programs within their firms to enable compliance with applicable laws and maintain the confidentiality, integrity and availability of information. Deloitte Global privacy policies require all firms to comply with and implement common privacy principles across the network.
The Deloitte Global Confidentiality team works with member firm Confidentiality leaders around the network to advance Deloitte’s approach to protecting confidential information. Deloitte uses various strategies such as confidentiality standards and controls to help ensure globally consistent protection of confidential information. Deloitte has also developed an innovative global technology solution to make monitoring data protection compliance simpler and more efficient. The team also develops data security communications and training designed to help all Deloitte professionals understand the critical role they play in protecting all data.