Data Privacy

Cyber Risk Services

Explore Content

Privacy and Data Protection issues present a growing challenge for organisations. Complying with the associated requirements ensures there are no unforeseen interruptions to your operations. Customer and employee concerns over personal information and sensitive data can lead to reputational risk. Breaches in data protection legislation can inhibit organisational change and adversely affect technology integration.

The EU has led government data privacy initiatives to protect the privacy of its citizens. The US has a combination of legislation to protect the citizens' rights (COPPA, CAN-SPAM) and sector-led initiatives to protect the privacy of patients and customers (HIPAA, GLBA). It is no wonder that many organisations doubt the status of their data privacy control and even whether their data processing would stand up to detailed scrutiny.

 Ensuring Data Privacy

Our services allow you to make maximum use of the data within your databases and systems, in confidence that you are in compliance with data privacy regulations. We can provide a compliance management strategy for cross-border data flows and a framework of policies, procedures and local guidance. Our services also help you set up sound outsourcing agreements with respect to the processing of personal data, and enable sound decisions on data centre consolidation.

In order to help gain confidence in compliance and in the effectiveness of your data privacy policies, we provide:

  • A compliance management strategy for cross-border data flows
  • A framework of policies, procedures and local guidance
  • Registrations and notifications with national authorities, where and when applicable
  • Binding corporate rules as a means of facilitating the transfer of personal information and as a serious alternative to other compliance mechanisms
  • Third-party processor agreements with respect to the disclosure of personal data
  • Management of key issues, such as employee monitoring, complaint handling and subject access request procedures
  • Training and awareness tools and materials

Success is not a one-off event and requires ongoing attention and hard work. We aim to build sustainable control and can engage with you on an ongoing basis to continuously monitor effectiveness and efficiency of the controls and security.

Why Deloitte?

  • Our team includes both legal and IT specialists ensuring effective communication between and support to the different departments involved implementing data privacy.
  • As your advisor, we can help establish a privacy program based on our tested and proven risk based approach.
  • We deliver reports that are to-the-point, that answer the 'so-what?' questions and provide clear guidance on how to solve the issues at hand.