Data Privacy

Keeping you compliant with emerging data privacy regulations

Many middle market businesses underestimate the amount of personal or consumer data they may hold and the various regulations that surround storing this data. Companies are now facing significant penalties, even when no data breach has occurred, due to complex and evolving global data privacy regulations. RSM understands these regulations and can help you develop a program to proactively comply with them and leverage this program as a competitive differentiator.


RSM’s data privacy services offer a breadth of options to best suit your organization’s needs. Our staff is well-versed in the practices that are necessary to assure compliance with a variety of data privacy regulations such as the General Data Protection Regulation (GDPR) and Personal Information Protection and Electronic Documents Act (PIPEDA) among others. RSM’s approach provides you options and flexibility on your path to compliance and adapting to the new landscape of privacy regulations and privacy-aware consumers.

Who needs this

Based on RSM’s experience, many organizations are not fully compliant with data privacy laws and may not even realize it. Organizations that are exposed to evolving Canadian laws, which protect consumer information (e.g., PIPEDA) or international regulations (GDPR) would benefit from RSM’s data privacy services.

Overview of services

For clients who are seeking privacy regulation compliance, RSM offers the following services that will assist in key areas:

  • Data audit and discovery: RSM can help you understand what data you possess, where it resides and how it flows through systems and applications, why it is collected and how it is discarded.
  • Policy governance review or development: RSM can help you learn how to develop or adjust your data privacy policies with the elements required by the new regulations.
  • Technical safeguard assessments: This assessment can help you ensure your controls are functioning as intended, while identifying and developing a plan to remediate any gaps.
  • Incident response plan development: The new regulations increasingly require prompt data breach notification, sometimes in as little as within 72 hours of a breach. RSM can create, develop or refine incident response plans to meet these requirements.
  • Advisory services: RSM can provide advice to help you develop or optimize a Privacy compliance framework, including road map development from data collection to disposal.

In addition to these services, RSM offers an extensive privacy gap assessment service, which benchmarks your organization against applicable laws and also reduces the risk of your business facing penalties from noncompliance. The goals of a privacy gap assessment are the following:

  • Understand rapidly evolving privacy compliance obligations
  • Develop an enterprise-wide strategy and plan for achieving compliance
  • Implement required operational changes
  • Train employees on threats and compliance obligations
  • Maintain compliance throughout the year

Subscribe to our newsletters



Contact us by phone +1.855.420.8473 or submit your questions, comments or proposal requests



In-Person Events

We proudly sponsor and participate in events that provide innovative ideas and opportunities for you to improve and grow your business.


Live Webcasts

We proudly sponsor and participate in events that provide innovative ideas and opportunities for you to improve and grow your business.