This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print this page

Privacy & data protection


In recent years, organizations have struggled to comply with an ever-expanding array of international laws and regulations governing the handling of personal information. High-profile data security breaches continue to attract intense publicity and regulatory reprisal. In turn, customer and employee concerns related to the protection of personal information are on the rise. To prevent reputational damage, regulatory action and the operational fallout of a breach, organizations must adopt a proactive approach to privacy and data protection.

To enable organizations to reduce this risk exposure, Deloitte leverages a wealth of experience analyzing information flows and reviewing internal controls. By allowing you to gain an understanding of the personal information you hold and how it is controlled, we can help you:

  • Develop a privacy and data protection strategy
  • Build an organization-wide inventory and classification map of personal data
  • Adopt effective policies and procedures
  • Conduct employee training and awareness programs
  • Securely enable cross-border data transfers
  • Review third-party controls
  • Retain critical data and prevent it from being compromised
  • Comply with law enforcement requests to procure specific data
  • Build privacy controls into your IT projects
  • Manage the full range of your international compliance requirements
  • Structure audit and monitoring programs for ongoing data protection compliance
  • Manage a post-breach situation and investigation

Other services

Information & controls assurance Information & controls assurance
Our information & controls assurance practitioners mitigate the risks associated with your internal systems, business processes, projects, applications, data and third-party reliance.
Capital markets and regulatory consulting Capital markets and regulatory consulting
With more complex risks today than ever before, we offer a wide range of solutions to help organizations meet the pressures of key stakeholders (boards of directors, audit committees, regulators) by enhancing their capital market and regulatory management framework.
Data risk services Data risk services
Our data risk services offer a proven methodology for identifying, analyzing and quantifying data risks. By enhancing data quality, data accuracy, data governance and data analytics, organizations can transform their data from a corporate liability to a corporate asset.
Governance & risk Governance & risk
By benchmarking your governance practices against your peers, our governance solutions team can help you establish a competitive edge and gain the insights you need to align your executives’ expectations with your employees’ actions.
Internal audit & control solutions Internal audit & control solutions
Using sophisticated diagnostic tools, we help organizations identify and prioritize business risks, create a common risk language of terms and definitions, determine appropriate risk management strategies and deploy enabling technology to better manage your risks.
Security, privacy & resiliency Security, privacy & resiliency
To enhance the security, privacy and resiliency of your organization, you need to work with trained professionals. Globally, we have over 1,100 Certified Information Systems Security Professionals (CISSP) and more than 2,000 Certified Information Systems Auditors (CISA) and Certified Information Security Managers (CISM).
Technology risk governance Technology risk governance
Our multi-functional professionals have a strong global presence and experience across virtually every industry. We can help you strengthen your IT governance practices and enhance the effectiveness and efficiency of your technology projects.
Deloitte Learning Academy Deloitte Learning Academy
Our established relationships with the Information Systems Audit and Control Association (ISACA); the Institute of Internal Auditors (IIA); the Institute of Corporate Directors (ICD); and the (ISC)² Security Transcends Technology enable us to prepare you for a wide range of certification programs.

Questions? Need more information?

Contact us

Related insights

  • Electronic communications
    Canada’s Anti-Spam Law (CASL) and electronic messages: senders face criminal & civil charges - even personal liability and fines up to $10 million.

Related industries