Data Protection Day

28 January 2023

Data Protection Day, which falls on every 28 January, is an annual reminder of the importance of ensuring that personal data is properly handled and safeguarded. It is also an excellent opportunity to raise awareness, among organisations and consumers alike, on the protection of personal data and ongoing compliance obligations.

Interest in data protection matters has increased in recent years. Market disruptions, emerging technologies and more complex trade flows have all contributed to putting data protection at the front and centre of an organisation’s compliance programme. Public awareness is, likewise, growing and is putting pressure on organisations to review their procedures and practices to avoid any reputational risk.

To mark the occasion, PwC Malta has put together 5 principles that C-Suite executives can consider for the foundation of a comprehensive data protection programme:

1. Leadership

As for any compliance programme, senior management buy-in is essential for effective collaboration and communication. Appointing a Data Protection Officer (DPO) and/or identifying privacy champions within the organisation can ensure that data protection is put on the agenda by having persons who will advocate for the programme.

Leadership image

2. Know your data

Organisations should be aware of how and why they are processing personal data. Through data mapping, organisations can also locate the data, identify whether it is sensitive, ensure that adequate security measures are in place and determine whether any gaps in compliance are present.


Know your data

3. Promote trust

Individuals are guaranteed a number of rights under data protection laws. Accordingly, organisations should ensure that robust mechanisms such as rights request policies and privacy notices are in place to respect the rights of individuals.



Promote trust

4. Respond quickly

Fines for data breaches can amount to millions of Euro if they are not dealt with properly. The DPO and/or the privacy champions should have a clear process in place to respond to data breaches within the prescribed time frame.



Leadership image

5. Train your staff

Employees who are properly trained in data protection are more likely to identify privacy risks and breaches. An awareness programme is key to any organisation’s privacy framework as employees handle a large amount of data on a daily basis.


Employee training

Contact us

Mark Lautier

Mark Lautier

Tax Partner, PwC Malta

Tel: +356 2564 6744

Lee Ann Agius

Lee Ann Agius

Manager, Tax, PwC Malta

Tel: +356 2564 4027

Claire Balzan

Claire Balzan

Manager, Tax, PwC Malta

Tel: +356 2564 2410

Follow us

Required fields are marked with an asterisk(*)

Please tick as appropriate


  1. By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers).
  2. Personal data can be changed on request, via email - PwC Malta reserves the right to reject new subscription requests or terminate subscriber accounts at any time without notice and/or justification. If you wish to stop receiving these e-mails from us, please send an email with 'Unsubscribe' as the subject.