Information and Data Privacy

Information and Data Privacy services

Information and Data Privacy

Data is king in the present day. Many businesses underestimate the amount of personal information or consumer data they may hold and the various regulations that surround storing this data.

Recent digital advancements mean that consumer data can be collected from around the world, and stored within seconds, in a variety of ways, including websites, email systems, collaboration platforms and business applications.

It is important for organisations to proactively review the legislative landscape, contractual obligations and customer expectations to verify their privacy and safeguarding programs.

RSM Information and user Data privacy services

It is important for organisations to proactively review the legislative landscape, contractual obligations and customer expectations to verify their privacy and safeguarding programs.

KEY CONTACTS

Darren Booth
Partner

E: [email protected]
T:+61 3 9286 8158


How can we help you?

 Locate nearest office

Information and Data Privacy services

Companies are now facing significant penalties, even when no data breach has occurred, due to complex and evolving global data privacy regulations.

It is important for organisations to proactively protect data by reviewing the legislative landscape, contractual obligations and customer expectations to verify their privacy and safeguarding programs. With data privacy laws constantly evolving, it’s paramount for businesses to be vigilant in assuring they are complying with these regulations.

Securing Personally Identifiable Information (PII) and achieving compliance requires more than scanning and annual audits.

True compliance is achieved when organisations can make the right security decisions throughout the year. Based on RSM’s experience, many organisations are not fully compliant with privacy laws and regulations. We understand the complexities related to these regulations and how they can affect your business and can help you develop a program to proactively comply with them—and leverage this program as a competitive differentiator.



RSM Information and Data Pricavy services
Contact a workplace assurance specialist

Benefits

RSM’s data privacy services offer a breadth of options to best suit your organisation’s needs.

Our staff is well-versed in the practices that are necessary to assure compliance with a variety of data privacy regulations such as the EU General Data Protection Regulation (GDPR), Australian Privacy Principles (APP) and the Consumer Data Right (CDR) Rules, among others.

RSM’s approach provides you options and flexibility on your path to compliance and adapting to the new landscape of privacy regulations and privacy-aware consumers.

Who needs this?

Based on RSM’s experience, many organisations are not fully compliant with information and data privacy laws and may not even realise it. Organisations that are exposed to evolving laws to protect consumer information (e.g., APP and CDR) or international regulations (GDPR, LGPD, PIPEDA, CCPA) would benefit from RSM’s data privacy services.

The CDR Rules require an organisation seeking accreditation to undergo an ASAE 3150 independent audit of their information security controls to safeguard the privacy of shared CDR data.

The GDPR was the biggest shake-up to data protection laws and privacy legislation in a generation. It affects organisations located outside the EU, who provide goods or services to people in the EU, or gather data on the behaviour of people in the EU.

RSM Information and Data Pricavy services

Overview of Services

For clients who are seeking privacy regulation compliance, RSM offers the following services that will assist in key areas.

  • Data audit and discovery.
    RSM can help you understand what types of data you possess, where it resides and how it flows through systems and applications, why it is collected and how the user data is discarded.
  • Data Privacy Gap Assessments.
    RSM can identify your key risks of compliance with rules and regulations by assessing your practices with the requirements. This results in more efficient execution of your privacy compliance efforts and helps you avoid the penalties and risks that may come from noncompliance.
  • Policy governance review or development.
    RSM can help you learn how to develop or adjust your data privacy policies with the elements required by the new regulations.
  • Technical safeguard assessments.
    This assessment can help you ensure your controls are functioning as intended, while identifying and developing a plan to remediate any gaps.
  • Incident response plan development.
    The new regulations increasingly require prompt data breach notification, sometimes in as little as 72 hours of a breach being identified. RSM can create, develop, or refine a data security incident response plans to meet these requirements.
  • Advisory services.
    RSM can provide advice to help you develop or optimise a Privacy compliance framework to protect sensitive data or financial data, including road map development from the ways your business collects data, stores data, or disposes of data.

In addition to these services, RSM offers an extensive privacy gap assessment service, which benchmarks your organisation against applicable laws and reduces the risk of your business facing penalties from noncompliance. Our approach maps out critical information processes and determines if regulatory controls have an impact on your business.

The goals of a privacy gap assessment are the following:

  • Understand rapidly evolving privacy compliance obligations
  • Develop an enterprise-wide strategy and plan for achieving compliance
  • Implement required operational changes
  • Train employees on threats and compliance obligations
  • Maintain compliance throughout the year

This results in more efficient execution of your information and data privacy compliance efforts and helps you avoid the penalties and risks that may come from noncompliance.


Need assistance about information and data privacy?

RSM Information and user Data privacy services
RSM offers Workplace assurance advice

RSM Australia is prequalified for the NSW ICT Services Scheme (SCM0020)

16 September 2021
Earlier this year, the NSW Stage Government announced the release of the NSW CSP 4.0. One of the key drivers for this Policy is the uplift of cyber resilience in government in response to the significant increase in cyber attacks in Australia. 

Phishing for information – Are you at threat of attack?

19 August 2021
In our ever-evolving society, organisations are becoming increasingly reliant on online operations, leaving them more vulnerable to cyber threats than ever before. 

Understanding your payroll function

17 August 2021
There has been a long list of high-profile Australian companies with underpayments to employees in the news recently.

Submission to Treasury on Consumer Data Right rules amendments

10 August 2021
RSM's experience in completing Consumer Data Right (CDR) information security accreditation reports and applications has informed a recent submission to Treasury on CDR rules amendmen

Cyber Security – A practical approach

9 August 2021
As the threat landscape worsens and we see new attacks emerging daily, organisations are left asking the question “what needs to change” to stop this?

Fighting Insider Fraud: Using the Right Technologies

26 July 2021
Roger Darvall-Stevens, Partner and Head of Fraud and Forensic Services, met with the team at Fraud Today for an interview to discuss his latest global webinar on the topic of Fighting Insider Fraud: Using the Right Technologies. 

Why public entities and non-profits need to step up cyber security

19 July 2021
As the past few years have shown, no organisation is exempt from the dangerous and malicious actions of criminal cyber entities. 

Ransomware – How SMEs Can Stay Safe Online

15 July 2021
There have been several ransomware attacks on Australian businesses lately. Awareness of this threat is increasing, but a number of small businesses, in particular, are still in the dark around what this is and how to protect themselves against it.  BUT FIRST, WHAT IS RANSOMWARE?

Bootstrapping your IT infrastructure for under $5K

30 April 2021
Developing your internal information technology (IT) infrastructure correctly is an essential component for your business.

Small Business Cyber Security Guide

23 March 2021
In February 2021, the Australian Cyber Security Centre (ACSC) released a Cyber Security Guide tailored for small businesses.

Have you considered your cyber security risk exposure?

15 February 2021
While it’s assumed that your business may have risk management practices in place to identify and manage various risks associated with the business environment, have you considered your cyber security risk exposure?

Cybersecurity for farmers and the agricultural industry

27 January 2021
As farmers and rural communities’ transition towards greater reliance upon online technologies, the need to protect both their personal and organisational data is paramount.

Consumer Data Right Options

4 September 2020
As the CDR ecosystem expands, organisations are asking what models are available to access the Consumer Data Right (CDR) Open Banking data. A summary of options available for product owners is outlined below.

Pages