RSM’s privacy and data protection services offer a breadth of options to best suit your organisation’s needs.

Our team are well-versed in the practices that are necessary to perform assessments, and support compliance with a variety of privacy and data protection regulations such as the EU General Data Protection Regulation (GDPR), Australian Privacy Principles (APP) and the Consumer Data Right (CDR) Rules, among others. 

We understand that all organisations are unique. Our approach is to understand your needs and provide you with a fit for purpose solution to understand and comply with privacy and data protection regulations. 
 

Many organisations do not know how to navigate the requirements under various privacy and data protection laws and regulations. There is much more to privacy and data protection, then having a Privacy Policy in place. Depending upon the type of information in focus, and nature of the organisation’s business function, there are many existing and evolving laws and regulations that may be relevant for the organisation to comply with. Some examples of these include the Australian Privacy Act 1988, and Consumer Data Right Rules, or international regulations such as the General Data Protection Regulation (GDPR). 

Has your industry been nominated to comply with CDR? The CDR Rules require an organisation seeking accreditation to undergo an ASAE 3150 independent audit of their information security controls to safeguard the privacy of shared CDR data. 

If your organisation is collecting, storing, securing, using, sharing, archiving, or destroying personal, and sensitive or consumer data, then you can benefit from RSM’s privacy and data protection services. 

RSM welcomes the opportunity to meet with you to discuss your organisation’s specific needs. Below is a listing of the standard privacy and data protection services we provide:  

• Data Audit and Discovery 

RSM can help you understand what types of data you possess, where it resides, how it flows through systems and applications, why it is collected, and how the data is discarded.

• Privacy Gap Assessments 

A privacy gap assessment can identify the key areas of non-compliance with laws, rules, and regulations by assessing your existing practices against the requirements. This assessment highlights your privacy compliance efforts and provides key outcomes for uplift and management of privacy risks and compliance. 

• Policy Governance Review and/or Development. 

RSM can support the update of your existing privacy and data protection policies and/or development of new policies to meet the requirements of privacy and data protection laws and regulations, including new regulations.

• Data Breach / Security Incident Response Plan Review and/or Development 

It is paramount for an organisation to have a response plan which includes the relevant notification requirements for a data breach. New regulations increasingly require prompt data breach notifications, sometimes in as little as 72 hours of a breach being identified. RSM can develop, and/or refine a Data Breach / Security Incident Response Plan to meet these requirements.

• Advisory Services 

RSM provides advice to help you develop or optimise a Privacy Compliance Framework to protect personal and sensitive information and/or consumer data, including the development of a fit for purpose road map to increase privacy maturity over time.