Artboard 1Icons/Ionic/Social/social-pinterest

Data & Privacy

Data is a crucial part of every business environment. It is imperative that all organisations have systems and procedures in place to manage local and international legal requirements as well as maintaining a social licence to operate

Data & Privacy

We have seen some key changes in the privacy space recently: the Australian Federal Government has introduced new mandatory breach notification laws and the European General Data Protection Regulation (GDPR) will have extraterritorial operation and potentially affect Australian businesses.

Expertise

The local mandatory data breach rules provide a reason for many Australian businesses to reconsider the way they collect, process, store, and share secure personal information. Even if one business is not concerned about its data practices, its business partners are likely to be increasingly persistent about transparency of legal compliance.

Our practice covers data in many forms, including business information, big datasets and personal and sensitive information. While we spend significant time advising on the Privacy Act and the Spam Act, the issues around data often crossover into competition law and complex commercialisation arrangements. We also understand managing data and privacy risk involves a range of stakeholders within an organisation and we often work not only with general counsel but internal executive teams including chief data officers, chief security officers, chief risk officers and the regulatory and communications executives.

We can assist with your privacy and data protection concerns by:

  • reviewing current policies and underlying practices
  • training management and frontline staff
  • preparing and implementing policies, codes of conduct, and internal procedures
  • providing advice in crisis situations – such as breaches
  • preparing compliance plans and privacy impact assessment.

For our latest analysis on the expected changes to Australia’s privacy regulatory landscape over 2020/21, watch our webinar co-hosted with OneTrust DataGuidance here.  

Experience

Information Governance Frameworks

We work with senior managers and boards to develop and implement information governance frameworks. This encompasses risk management strategies and often overlaps with other areas of risk and compliance, including anti-corruption. Our primary concern is Privacy Act compliance as well as relevant international requirements so that group policies can align with all relevant jurisdictions. 

Data Breach planning, investigation and response

We can assist you to develop breach response plans, rehearse and scenario plan, prepare in advance your response and investigation planning methodology and team. We also assist in liaising with the Office of the Australian Information Commissioner.

Data Security

Holding Redlich has experience advising international organisations about the collection and use of various elements of personal information in Australia including the ability to use personal information to create derivative statistical and risk assessment products for use in and out of Australia. We also have experience drafting privacy, right to information and data security provisions for commercial contracts for local, State and Federal government agencies, Government owned corporations and statutory authorities.

Regulator investigations and enquiries

  • acting for both corporations and individuals in regulatory investigations and prosecutions
  • assisting clients in managing regulators’ monitoring and enforcement visits
  • advising on and creating compliance and risk management policies and programs tailored to the particular risks faced by different corporations and individuals
  • advising companies, directors and officers involved in external investigations and prosecutions brought by Commonwealth and state agencies.

Open Data frameworks and information access (FOI)

Holding Redlich acts on behalf of applicants and respondents to Freedom of Information requests. We regularly advise on the validity (or otherwise) of the scope of a request, and assist clients in refusing requests for documents that are either too voluminous or seek only documents that are exempt under the FOI Act. We also assist in the processing of FOI requests, including the review of documentation and assessment for exemption. Once a decision is made, we assist the decision-maker to communicate the basis of their decision. We have also successfully defended appeals and complaints made to the FOI Commissioner in respect of those decisions. 

  



Andrew Hynd

Andrew Hynd

Partner

Brisbane

More info
Lyn Nicholson

Lyn Nicholson

General Counsel

Sydney

More info
Dan Pearce

Dan Pearce

General Counsel

Melbourne

More info
Trent Taylor

Trent Taylor

Partner

Brisbane

More info

Recent Posts

25 March 2020 - Knowledge

Discussion: The future of privacy regulation in Australia

#Data & Privacy

Tune into our latest analysis on the expected changes to Australia’s privacy regulatory landscape over 2020/21 in this webinar presented by partner Angela Flannery and senior associate Sarah Cass.

25 March 2020 - Knowledge

Privacy of employees and others in 2020

#Data & Privacy

Public health concerns have heightened awareness of sharing important information, but what are the limits?

11 March 2020 - Knowledge

Australian Information Commissioner takes Federal Court action against Facebook

#Data & Privacy

The Australian Information Commissioner has taken Facebook to court for difficult to use settings that consumers could not easily use that enabled a third party app to harvest personal information of both the users of the app and their Facebook friends.

03 March 2020 - Knowledge

Next regulatory steps taken for Australia’s consumer data right

#Data & Privacy

The OAIC issued its CDR Privacy Safeguard Guidelines on 24 February 2020, which is one more regulatory step forward in the implementation of the Consumer Data Right.

18 February 2020 - Knowledge

Data governance – what’s at stake for your business?

#Data & Privacy

With the increased role of regulators in the post-Hayne era, it is now more crucial than ever for corporations to understand how best to manage their data. We look at the key risks are in this increasingly data driven world, and the reasons why businesses should establish a Data Governance Framework to avoid potential damage to their business and falling afoul of the law.

14 February 2020 - Knowledge

Notifiable data breach: Two years on and mostly ‘behind the scenes’

#Data & Privacy

This month marks two years since the introduction of Australia’s notifiable data breach scheme. We look back on key events and learnings from the data and privacy space over this time, and outline why businesses should continually review their privacy practices.

11 February 2020 - Knowledge

California sets new standard for privacy in the US

#Data & Privacy

From the start of this year, the US has a new high water mark for privacy regulation. The California Consumer Privacy Act has come in to effect, and it can apply to entities located outside that state. 

14 January 2020 - Knowledge

Government Bulletin – summer edition

#Government, #Construction & Infrastructure, #Corporate & Commercial Law, #Data & Privacy, #Planning, Environment & Sustainability, #Property & Real Estate, #Workplace Relations & Safety

In this special edition of our fortnightly publication, we put a spotlight on the government’s ongoing digital transformation and take a close look at some of the key trends and issues as a result of this digitisation.

10 December 2019 - Knowledge

Employment and privacy in the surveillance age

#Data & Privacy

Employers collecting employee data to manage risk and business activities will need to exercise caution, a recent media report suggests. We outline the complex legal issues.

10 December 2019 - Knowledge

Expert guide: Be ready for 2020

#Agribusiness, #Corporate & Commercial Law, #Data & Privacy, #Immigration Law, #Native Title, #Planning, Environment & Sustainability, #Property & Real Estate, #Technology, Media & Telecommunications, #Transport, Shipping & Logistics, #Workplace Relations & Safety, #Procurement

New whistleblower requirements, increased pressure to protect data globally, turbulence in the communications sector, and intensifying drought management issues - 2020 is set to be a significant time of change across many industries.

04 December 2019 - Knowledge

Key issues for the communications sector in 2019, 2020 and beyond

#Technology, Media & Telecommunications, #Data & Privacy

Following the recent Law Council of Australia Media and Communications 2019 seminar hosted by Holding Redlich in Sydney, we wrap up the major points made by the two key note speakers, ACCC Chair Rod Sims and Australian Privacy Commissioner Angelene Falk.

23 October 2019 - Knowledge

Privacy in 2019: Breaches are up but fines are down?

#Data & Privacy

In our last instalment on the IAPP EY 2019 Privacy Governance Report, we look at why enforcement actions don’t catch up with the high number of data breaches.