Data protection and privacy

In Advisory

Our leading data protection and privacy services can help organizations stay up-to-date on the latest data threats and privacy concerns, as well as complying with regulation in a constantly evolving threat environment and regulatory landscape.​

Organizations have increased their collection of personal data, supported by technology in this digital economy. This has led to concerns over data collection and processing practices given the growing number of data incidents and breaches. In response, regulators in many countries are now enforcing existing privacy regulations more actively than in the past. ​

At the global frontier, the General Data Protection Regulation (GDPR) that came into effect on 25 May 2018 impacts any organization that has transactions with customers or businesses in the EU, placing greater emphasis on accountability, documentation and records. ​

In Singapore, taking a leaf from the GDPR, the Personal Data Protection Commission (PDPC) has  issued a public consultation in May 2019 proposing data portability and data innovation provisions and has also proposed to introduce a mandatory breach notification regime as part of the proposed amendments to the Personal Data Protection Act (PDPA). PDPC has also required Singapore organizations to discontinue the widespread practice of collecting, using or disclosing consumers’ NRIC information from 1 September 2019. EY is listed as a data protection consulting service provider in the PDPC website and can assist your organization to strengthen your compliance with the PDPA requirements.

The wide-reaching impact on business means data protection and privacy becomes a factor in business strategy and should form part of the management agenda. ​

EY data protection and privacy services and solutions are designed to help companies protect their information over the full data lifecycle – from acquisition to disposal.​  ​

Service offerings by the Cybersecurity teams help EY clients to:​     ​

  • Stay up-to-date with leading services in data security and data privacy​
  • Observe regulatory compliance in a constantly evolving regulatory landscape​
  • Forensically identify the scope and nature in the event of misuse or breach of personal information and help organizations take steps to remediate and report the event​
  • Sustain an effective data protection and compliance management posture, which helps in reducing associated costs​
  • Protect their brand reputation through the protection of business, customer and other sensitive and regulated information​

EY services aim to empower organizations to avert costly data breaches and reduce risks of non-compliance that could result in fines from the regulator. When a breach happens, EY services will help companies remediate the breach and meet their reporting obligations in a timely manner.​

Contact us

Like what you’ve seen? Get in touch to learn more.