Data is one of the most important intangible assets for organisations. Data use differentiates organisations, enabling enhanced product development, personalised service offerings and is a source of competitive edge. Growing commoditisation of data and serious data breaches has called for sweeping regulatory change for greater transparency and accountability.

The Bermuda Personal Information Privacy Act is now enacted in law, with guidance notes expected to support implementation within organisations. Organisations should be aware of their data privacy obligations, whilst ensuring customers are at the heart of everything they do. It’s critical that organisations understand data privacy changes and what action is necessary to comply and how a data breach would be handled, especially as data breaches have potential for significant brand and reputation damage.

How we can help

KPMG has deep experience in supporting organisations to address their data privacy challenges. Our specialists can adopt a structured and flexible approach to meet the needs of your business. Services include:

  • Gap analysis of the current state of governance, systems and processes against requirements.
  • Regulatory management, which identifies and assesses both current state and future privacy requirements.
  • Ongoing management of an organisation’s data privacy policies, procedures and controls.
  • Third-party assessments of how suppliers and other third-parties manage the privacy risk for personal data they hold or manage on behalf of your organisation.
  • Sensitive data finder service, is a powerful data discovery tool, providing a leading edge capability to examine structured and unstructured data held by an organisation.
  • Incident management assists organisations with their procedures for identifying, assessing and responding to incidents involving personal information, including running simulated privacy incident scenarios.
  • Data breach response services offers a rapid 24/7 response to data breaches, that can identify attack sources, define and implement a recovery strategy, including ongoing attack detection, using KPMG’s monitoring services to detect more specialised breaches.
  • Data breach investigation uses our Global Investigations Methodology, to investigate the root cause of data breaches, putting your organisation in an informed position to make important decisions.
  • Legal services around data and security.