Privacy in Design

What is Privacy in Design?

Today, corporations and institutions are collecting, storing, using, and sharing data in unprecedented volumes, for a variety of purposes. Much of this data is personal data – records of our interactions with retailers, venues, public institutions, websites, and social media. The basic principle of Privacy in Design is that privacy safeguards should be integrated into the design of applications that manage personal data, rather than added on afterward.

To implement big data strategies while protecting privacy, KI Design works with clients to analyze and improve their privacy and security practices. We offer security assessments, compliance assessments, and risk assessments. We draw on our wide-ranging expertise to help develop privacy policies and governance. Our consultants are available on call to advise on privacy and security decision-making, and to provide corporate training on new technologies and legislative changes. We also offer a variety of leading-edge, privacy protective technologies for communications, auditing, anonymization, and more.

By helping our partners to achieve high privacy standards at an enterprise level, we ease the way to regulatory approval and  integration with other networks. Product companies, public institutions, and community organizations can all benefit from end-to-end privacy implementation.

Privacy in Design advisory includes:

  • Compliance: Ensure organization-wide, up-to-date compliance with laws and standards
  • Governance: Ensure best practices when it comes to privacy governance across your organization, including roles, overall framework, and risk management
  • Consent: Manage client consent and notifications according to best practices
  • IT Implementation: Manage software adoption effectively, from needs analysis through solution design, implementation, quality assurance, and change controls



Privacy in Design can help banks to implement tools and technologies that provide compliance assurance and risk mitigation, and support responses to consumer complaints. By outsourcing privacy requirements, banks can maintain costs while meeting legislative obligations and responding to public concerns. Our privacy consultants are capable of developing, implementing and administering all aspects of a Privacy Compliance Program. We perform duties associated with consumer privacy protection rules mandated by the Gram-Leach-Bliley Act (GLBA). We have experience managing notice requirements and disclosures of personal data to affiliates and non-affiliated third parties. We can also supplement your expertise on safeguarding customer information.

Our consultants can also support your Chief Compliance Officer, senior management and staff by identifying emerging privacy issues and helping you to establish controls to mitigate risks. We can help Chief Compliance Officers to integrate privacy smoothly and efficiently into business activities by providing leadership, training and supervision.

Banks are experiencing increasing regulatory scrutiny and will need to meet high standards for regulatory compliance and risk mitigation. We can help you achieve your goals and meet public expectations economically and effectively.


Healthcare providers face daily challenges as they manage patient health information. An enterprise privacy and security program is essential to ensure the responsible collection, management, use, and disclosure of personal information within healthcare institutions. We have helped numerous health and public health organizations to define privacy policy aligned with legal requirements and best practices, and to design comprehensive programs to ensure that these policies are implemented. We offer support, advisory, and solutions in the following areas:

  • Governance
  • Security Safeguards
  • Issue Management
  • Consent Management
  • Opening Access to Data
  • Extra-Clinical Uses of Data
  • Permissible Disclosures
  • Trust Assurance
  • Identity Management


Privacy in Design helps retailers focus on improving the value of their product or service offerings by mobilizing big data and mitigating the risk of data breaches and client complaints. Consumer big data can help retailers capture consumer wants and needs in real time and  fine-tune supply, distribution, and promotions for a faster, leaner market. We help retailers to extract consumer data and use de-identification techniques to leverage big data assets while protecting individual privacy. We support retail clients to overcome barriers to achieving and maintaining a foothold in the market by:

  • Ensuring compliance with regulations including:
    • Restrictions on marketing and communications by laws including Canada’s Anti-Spam Legislation (CASL)
    • Requirements of data residency
  • Improving product design and branding to attract existing and potential clients
  • Mobilizing retail big data while protecting individual privacy through de-identification and staff privacy awareness and education
  • Understanding short term social media trends and shifting strategies in response
  • Managing customer feedback online and understanding trends that may lead to brand erosion