Data is one of the most important intangible assets for organisations. Data use differentiates organisations, enabling enhanced product development, personalised service offerings and is a source of competitive edge. Growing commoditisation of data and serious data breaches has called for sweeping regulatory change for greater transparency and accountability.

2018 saw the biggest shake-up in privacy in 20 years. Changes to regulations in Australia and the EU privacy is a top priority for businesses.

Regulations such as the Notifiable Data Breaches Scheme (NDB) and the General Data Protection Regulation (GDPR) are lifting the standard on security measures, organisation wide data awareness and restoring trust and ownership of personal data with consumers.

Organisations should be aware of their data privacy obligations, whilst ensuring customers are at the heart of everything they do. It’s critical that organisations understand data privacy changes and what action is necessary to comply and how a data breach would be handled, especially as data breaches have potential for a significant brand and reputation damage. 

How we can help

KPMG has deep experience in supporting organisations to address their data privacy challenges. Our specialists can adopt a structured and flexible approach to meet the needs of your business. Services include:

• Gap analysis of the current state of governance, systems and processes against requirements.
• Regulatory management which identifies and assesses both current state and future privacy requirements.
• Ongoing management of an organisation’s data privacy policies, procedures and controls.
• Third party assessments of how suppliers and other third parties manage the privacy risk for personal data they hold or manage on behalf of your organisation.
• Sensitive data finder service is a powerful data discover tool providing a leading edge capability to examine structured and unstructured data held by an organisation.
• Incident management assists organisations with their procedures for identifying, assessing and responding to incidents involving personal information, including running simulated privacy incident scenarios.
• Data breach response services offers a rapid 24/7 response to data breaches that can identify attack sources, define and implement a recovery strategy including ongoing attach detection using KPMG’s monitoring services to detect more specialised breaches.
• Data breach investigation uses our Global Investigations Methodology to investigate the root cause of data breaches, putting your organisation in an informed position to make important decisions.
• Legal services around data and security.