© 2019 RSM US LLP. All rights reserved.
Data Privacy Compliance Services
Keeping you compliant with emerging data privacy regulations
Many middle market businesses underestimate the amount of personal or consumer data they may hold and the various regulations that surround storing this data. Companies are now facing significant penalties, even when no data breach has occurred, due to complex and evolving global data privacy regulations. RSM understands these regulations and can help you develop a program to proactively comply with them—and leverage this program as a competitive differentiator.
RSM’s data privacy services offer a breadth of options to best suit your organization’s needs. Our staff is well-versed in the practices that are necessary to assure compliance with a variety of data privacy regulations such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), among others. RSM’s approach provides you with options and flexibility as you work toward compliance and adapt to the new landscape of privacy regulations and privacy-aware consumers.
Who Needs This
Based on RSM’s experience, many organizations are not fully compliant with data privacy laws and may not even realize it. Organizations that are exposed to evolving U.S. federal laws to protect consumer information (e.g., CCPA) or international regulations (GDPR, LGPD, PIPEDA) would benefit from RSM’s data privacy services.
Overview of Services
For clients who are seeking privacy regulation compliance, RSM offers the following services that will assist in key areas.
- Data audit and discovery. RSM can help you understand what data you possess, where it resides, how it flows through systems and applications, why it is collected and how it is discarded.
- Policy governance review or development. RSM can help you learn how to develop or adjust your data privacy policies with the elements required by the new regulations.
- Technical safeguard assessments. This assessment can help you ensure your controls are functioning as intended, while identifying and developing a plan to remediate any gaps.
- Incident response plan development. The new regulations increasingly require prompt data breach notification, sometimes within as little as 72 hours of a breach. RSM can create, develop or refine incident response plans to meet these requirements.
- Advisory services. RSM can provide advice to help you develop or optimize a privacy compliance framework, including road map development from data collection to disposal.
In addition to these services, RSM offers an extensive privacy gap assessment service, which benchmarks your organization against applicable laws and also reduces the risk of your business facing penalties from noncompliance. The goals of a privacy gap assessment are the following:
- Understand rapidly evolving privacy compliance obligations
- Develop an enterprise-wide strategy and plan for achieving compliance
- Implement required operational changes
- Train employees on threats and compliance obligations
- Maintain compliance throughout the year
Call to action
It is important for organizations to proactively review the legislative landscape, contractual obligations and customer expectations to verify their privacy and safeguarding programs. With data privacy laws constantly evolving, it’s paramount for businesses to be vigilant in assuring they are complying with these regulations. To ensure that your business is compliant with these laws and not subject to fines or penalties—and to consider ways in which compliance can be leveraged for competitive advantage—contact RSM today.