Reaping the benefits of the GDPR
Accelerating growth thanks to a new data regulation
Being GDPR compliant is one side of the story - Deloitte is equally focused on the opportunities that GDPR brings. We are here to help organisations explore the business potential of their data sets, and be their partner in new ventures. Read some of our propositions to find out how we can help.
Annika Sponselee - 25 May 2018
GDPR: the big day
May 25th... A defining day in Privacyland. As I write, the long-awaited introduction of the General Data Protection Regulation is upon us. And what a busy time the run-up to this day has been! My team has been supporting many, many organisations as they geared up their data policies and practices to comply with GDPR. From performing gap assessments and running transformation programmes to advising on governance issues. I am really proud of my team and what we have achieved together.
Privacy email alert
Receive the latest Privacy insights.
Tried, tested and new
A snapshot of organisations today would show varying degrees of GDPR-readiness. Some are very well prepared, but there is room for surprises, as we do not know how exactly GDPR will be enforced in practice. Some organisations still have some ground to cover. And there are some still at the very start of their journey. Deloitte will continue to provide them all with our tried and tested GDPR services.
But we are now entering a new reality for organisations, with new needs. And Deloitte is ready to respond. One new factor is regulatory enforcement: organisations must deal with questions from supervisory authorities on their handling of personal data, and may even see inspectors visit their premises. Deloitte now has a rapid-response team on hand to help them.
Reaping the benefits
But the compliance side of things is just part of the story. Deloitte is equally focused on the opportunities that GDPR brings. The real emphasis of our new services, therefore, is on helping organisations reap the benefits of their data.
The new regulations have forced organisations to create order in the information they have. And order provides insight. Insight into value that was hidden there. Deloitte is here to help organisations explore the business potential of their data sets, and be their partner in new ventures. Could privacy excellence even become an organisation’s Unique Selling Point?
Privacy Response Team - Shay Danon
‘Up till now, your organisation has been focused on meeting the new privacy requirements set by GDPR. But with GDPR now in force and your measures in place, what’s next? Do you know what to do in the case of a data breach? What is your strategy for coping with negative privacy-related media exposure? Do you know how to deal with questions or actual (unannounced) visits from the supervisory authorities? In situations like these, time is of the essence. The sooner you manage to control the situation, the less damage your company will suffer.
‘Deloitte’s Privacy Response Team can help. Immediately! This cross-functional team, made up of experts from our privacy, forensic and crisis and resilience service lines, is always on call to support you, remotely or on site. With their extensive knowledge and experience, they can help you nip crises in the bud. But they have more to offer, too. In addition to providing emergency assistance, they can advise you, train your staff or help you redraft your crisis manual, for instance.’
Privacy Strategy and Governance - Bart Witteman
‘With GDPR coming into force, organisations have taken most of the short-term measures needed to ensure compliance with the new rules. But what about the long term? And what about the broader implications? What are you actually going to do with the data you have collected? Deloitte’s Privacy Strategy and Governance proposition is aimed at helping your organisation define and cultivate its strategic relationship with data.
‘We sit down with your board and senior management to analyse what your organisation wants to achieve and what role data plays in your processes. We identify your key risks. But even more importantly, we identify the various kinds of value that data holds for your organisation. Deloitte’s experienced experts can help you recognise business potential in areas you may not have come up with. On or beyond the edge of your traditional business.
‘Based on this analysis, we work with you to define strategic priorities and integrate privacy strategy into your overall strategy. We help you design new business models. More than just a GPDR-compliant organisation, you will be one that has harnessed its data to created added value.’
Privacy by Design - Jan-Jan Lowijs
‘Up till now, getting organisations GDPR-ready has been a matter of solving issues in existing processes. A kind of fire-fighting. Privacy by Design is the proposition that prevents fires from starting. GDPR has given us a set of rules on what we may and may not do with personal data, and Deloitte has been helping organisations adjust their processes accordingly.. If your organisation is looking to design new software or at analytics to leverage its data, though, it’s much smarter - and cheaper - to take the new requirements on board in the design. And Deloitte can offer expert help.
The earlier you involve the Privacy by Design team in your project, the better. Our experts are fully up to speed on privacy legislation and can deliver end-to-end Privacy by Design services. But if design projects like this are part of your organisation’s core business, Deloitte’s experts partner with your own staff to ensure structural attention is paid to privacy aspects in each step of the design process. Compared to post-screening and repairing your processes, this saves time and money. The result: your organisation makes the most of its data with cutting-edge technology, while staying fully GDPR compliant.’
In the past year, through articles, blogs and vlogs, our team has shared a vast amount of relevant information with the public on privacy-related issues. We have now brought them together in this magazine, as an easy way for our clients to catch up. But developments do not stop here, nor will we. I am really looking forward to the next season in Privacyland!
How are organisations facing the challenge of complying with the GDPR?
How will international data transfers be impacted by the GDPR?