The introduction of the General Data Protection Regulation (GDPR) in Europe and an avalanche of similar data privacy laws around the world has brought the potential cost of a data breach into sharp focus. On one hand this is helpful to organisations struggling to justify a sizeable budget to protect against a cyber-attack, but on the other there are other areas of privacy – for example the need for transparency and consent for personal data usage, and data rights management, that don’t necessarily relate to security but could be costly in terms of non-compliance with the law.

In larger organisations the role of the Data Protection Officer or person in charge of driving compliance with data protection regulations is often a lawyer or connected to the Legal function. In smaller organisations where the role of the CISO and DPO is often combined, trying to interpret data protection law and determine what aspects apply to the organisation and how to operationalise these can be confusing as well as time consuming. 

Understanding privacy in the context of your business

At DCCP our priority is to understand your business first before we consider the cyber security and privacy risks that you may face. Our experienced Privacy partners will then work with you to design a privacy programme or package to suit your budget and the way your organisation operates. You can expect a pragmatic approach from professionals who have worked with enormous global organisations where personal data drives their business and need to ensure marketing have privacy for the consumer designed into their daily operations, to schools who may need help identifying what personal data is and be able to share, store and delete it personal data securely.

We will assess your specific privacy requirements and ensure you have everything you need from risk articulation and presentations for your board, to data discovery, policy development, and targeted employee training.

The threat of a data breach or data rights request can feel like a heavy burden on a smaller organisation. DCCP can help with the heavy lifting should the situation arise and ensure the jurisdictional reporting requirements are taken care of, as well as helping you re-assure your stakeholders, shareholders and clients along the way.

Useful Resources

Password Manager Pros and ConsPassword Manager Pros and Cons

haveibeenpwned.comhaveibeenpwned.com

The Australian Cyber Security Centre’s “Essential Eight Maturity Model” and the American National Institute of Standards and Tec hnology’s “Cybersecurity Framework” (NIST CSF)The Australian Cyber Security Centre’s “Essential Eight Maturity Model” and the American National Institute of Standards and Tec hnology’s “Cybersecurity Framework” (NIST CSF)

Privacy Act Review ReportPrivacy Act Review Report