In Canada, the federal government has introduced privacy breach notification requirements under the Personal Information Protection and Electronic Documents Act (PIPEDA). With recent legislative initiatives like the European Union's General Data Protection Regulation (GDPR) and California's Consumer Protection Act (CCPA), organizations face increasing needs around data privacy protection and compliance.
Other jurisdictions are looking to follow suit with their own new laws, and with discussions about privacy taking centre stage amid the growing demand for data, people are more aware of their privacy rights than ever before. It’s an issue that goes well beyond concerns about cybersecurity and GDPR compliance.
The changing landscape means privacy and data protection are fundamental business issues, regardless of which jurisdiction an organization is in or where it does business. As concern about privacy becomes a global phenomenon, organizations are collecting and processing large amounts of sensitive personal information, which means they’re at risk of everything from fines and regulatory reviews to loss of confidence and reputation.
Our Privacy advisory offering can help you rise to the challenge of privacy management and compliance. We can help you build, operate and maintain an effective privacy program through our business expertise, technology, tools and ongoing support. As a result, you can focus on your core business, improve your competitiveness and continue to make the best use of your data.
Our approach is a cost-effective option for building your privacy program more quickly than you would be able to create on your own and for managing privacy issues on an ongoing basis. You’ll have access to the resources and trusted adviser you need to make sure you have the right tools, technology and governance in place to handle the full range of privacy issues.
Our services include:
policy management and privacy notices
privacy incident reporting and notification requirements
responding to individual requests for personal data
third-party assessment and remediation
accountability and compliance reporting
data mapping to see data flows throughout the organization
privacy impact assessments
support to create and manage a data inventory
Jurisdictions around the world are implementing rules around privacy breach notification. By responding effectively to data incidents and meeting your notification obligations, we help you bolster customer and stakeholder trust and manage financial, legal and regulatory risks.
We help you assess and manage vendors while making sure you have the right due diligence and safeguards in place. Reduce your risk through appropriate contract standards and operational controls.
The GDPR may be just the start of new rules expanding individual rights over their data. The emergence of privacy as a global phenomenon means people are very aware of their rights, which increases the need for organizations to get ahead of the issue. We help you answer requests by consumers to access, correct and delete their information in a timely way so you can build trust and confidence.
With rising concern about moving information around the world, organizations need to be careful about data transfers. We help you pinpoint the right ways to transfer data across borders, which you can incorporate into your agreements.
Our experts understand the fast-changing rules and expectations around privacy management. Through our subscription offering, you get access to on-demand operational support without having to build out your own privacy program or hire additional staff.
We support your privacy officer, who retains responsibility for making decisions, with guidance and recommendations to help you with your privacy office functions and meet and stay up to date on heightened rules and expectations. We’re also able to look across our customer base to proactively advise you on privacy issues you may want to address.
© 2018 - 2020 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.