Privacy & Data Protection

Maximise your use of data

We can help you to make maximum use of personal data within your databases and systems, in full confidence that you are in compliance with relevant privacy regulation. Moreover, we can assist you in taking advantage of the public awareness and concern to turn privacy into a competitive advantage.

Privacy compliance assessments
Our privacy experts can conduct a variety of compliance, maturity, and risk assessments to provide you with a clear and justified account of your privacy gaps and risks – and suggest remediating actions. This includes, for example, the possibility to evaluate your data handling practices against the requirements set forth in the EU General Data Protection Regulation (GDPR). See the case example on the right.

Third-party assessments and audits
We can evaluate the privacy capabilities of your business partners, subcontractors, service providers, and other third parties to make sure they comply with your privacy requirements. This includes the delivery of Service Organization Control (SOC) reports and other formal audits.

Privacy impact assessments (PIAs)
Are you planning a new business activity or an IT system, which involves the processing of personal data? Our privacy experts can assess whether such initiative could entail a privacy risk, and if yes, which would be the best way to address this right from the start.

Privacy governance
We can help set up an organizational structure to tackle the planning and oversight of initiatives, actions and controls in an organized and efficient manner.

Design and support of privacy program
Our privacy experts can assist you in building, leading, and executing your privacy program.

Data mapping
Designed as a high-level overview of all the personal data collected and processed across your organization, or as a more in-depth scrutiny of data flows within certain departments or services, data mapping provides you with a better understanding of how personal data is processed in your organization.

Communication with Data Protection Authorities (DPA)
Our privacy experts can help your organization to communicate and exchange information with relevant DPAs. This includes, for example, the identification, development, and submission of relevant notifications. We can cover any jurisdiction within or outside the European Union.

Privacy policies and notices
We can assist you in developing internal privacy policies and external privacy statements governing your data handling practices.

Contracting and sourcing
Our legal experts can assist you to evaluate and negotiate privacy requirements, and to include them into contracts and service agreements.

Training and culture
Deloitte can provide bespoke training to select individuals, or build privacy-aware culture across the entire organization.

Privacy as a business opportunity
We can provide you with a team of privacy, business, marketing, and communications experts to help you engage consumers in order to differentiate yourself from the competition. You will no longer see privacy as a risk or a compliance issue, but a new business opportunity.


More information

Hannu Kasanen

Hannu Kasanen

Director, Cyber Risk

Hannu Kasanen työskentelee johtajana, vastuullaan Deloitten kyberturvallisuuspalvelut Suomessa. Hannulla on mittava kokemus tietoturvan, tietosuojan ja käyttövaltuushallinnan kehittämisestä. Hän on ur... Lisää

Toni Oras

Toni Oras

Data Privacy Legal

Toni toimii Deloitte Suomen lakipalveluiden tietosuoja-asioita hoitavan tiimin vetäjänä sekä yritysten lakiasiainyksiköiden konsultointiin keskittyvän ryhmän oikeudellisena asiantuntijana. Tonin erity... Lisää