Privacy and data protection


Privacy & data protection

Enterprises today face a multitude of challenges related to the privacy and protection of consumer, employee and partner data.

Globalisation of data, centralised technology architectures, outsourcing, off-shoring, national trade issues, regulatory and contractual requirements all continue to influence the corporate use of personal data. Organisations should recognise that personal data is an increasingly valuable and complex asset requiring strategic decisions to effectively meet both the challenges and opportunities in the emerging global information economy.

How Deloitte can help?

Deloitte can help organisations enhance privacy and data protection processes and solutions to reduce risk exposure and strengthen compliance, including help in the following areas:

  • Requirements rationalisation – Rationalising privacy and data protection requirements provides a key step in providing a starting point for privacy and data protection activities
  • Risk Analysis & Gap Identification – Identification of high risk exposures to determine potential gaps related to privacy
  • Data Protection & Privacy Programs – Design, develop, and implement data protection and privacy programs by rationalising privacy and data protection requirements and evaluating data protection technology

Deloitte proposition overview

  • Data Privacy Compliance (CNPD) – Ensuring that specific personal data processing performed in Luxembourg have been privacy-assessed and necessary initiatives towards the Luxembourgish data privacy commissioner (Commission Nationale pour la Protection des Données) have been taken
  • Legal Archiving Readiness (PSDC) – A new law related to dematerialisation of documents and acknowledgement of their legal value has been posted for vote in Luxembourg. Assess readiness and assist in obtaining the status of Digitisation and Archiving Service Provider (PSDC)

Our approach & methodology

Deloitte’s approach to implementing Privacy & Data Protection is to focus on data throughout its life cycle and establish an integrative platform that ties technologies, processes and governance:

  • Risk Catalogue
  • Privacy and Data Protection Portal

Digitisation of documents and legal archiving
Enterprises today face a multitude of challenges related to the privacy and protection of consumer, employee and partner data.


Roland Bastin

Roland Bastin

Partner | Risk Advisory & Forensic

Roland is a partner within the advisory and consulting department and joined the Risk Advisory practice of Deloitte in 2001. He is responsible for IT audit, IT security, IT regulatory compliance, Data... More

Irina Hedea

Irina Hedea

Partner | Information & Technology Risk

Irina is a Partner in Risk Advisory services, with more than 15 years’ experience in IT risk, IT Regulatory and Outsourcing, Information Security Management, digital trust services and project managem... More