Data is a crucial part of every business environment. It is imperative that all organisations have systems and procedures in place to manage local and international legal requirements as well as maintaining a social licence to operate
We have seen some key changes in the privacy space recently: the Australian Federal Government has introduced new mandatory breach notification laws and the European General Data Protection Regulation (GDPR) will have extraterritorial operation and potentially affect Australian businesses.
The local mandatory data breach rules provide a reason for many Australian businesses to reconsider the way they collect, process, store, and share secure personal information. Even if one business is not concerned about its data practices, its business partners are likely to be increasingly persistent about transparency of legal compliance.
Our practice covers data in many forms, including business information, big datasets and personal and sensitive information. While we spend significant time advising on the Privacy Act and the Spam Act, the issues around data often crossover into competition law and complex commercialisation arrangements. We also understand managing data and privacy risk involves a range of stakeholders within an organisation and we often work not only with general counsel but internal executive teams including chief data officers, chief security officers, chief risk officers and the regulatory and communications executives.
We can assist with your privacy and data protection concerns by:
For our latest analysis on the expected changes to Australia’s privacy regulatory landscape over 2020/21, watch our webinar co-hosted with OneTrust DataGuidance here.
We work with senior managers and boards to develop and implement information governance frameworks. This encompasses risk management strategies and often overlaps with other areas of risk and compliance, including anti-corruption. Our primary concern is Privacy Act compliance as well as relevant international requirements so that group policies can align with all relevant jurisdictions.
We can assist you to develop breach response plans, rehearse and scenario plan, prepare in advance your response and investigation planning methodology and team. We also assist in liaising with the Office of the Australian Information Commissioner.
Holding Redlich has experience advising international organisations about the collection and use of various elements of personal information in Australia including the ability to use personal information to create derivative statistical and risk assessment products for use in and out of Australia. We also have experience drafting privacy, right to information and data security provisions for commercial contracts for local, State and Federal government agencies, Government owned corporations and statutory authorities.
Holding Redlich acts on behalf of applicants and respondents to Freedom of Information requests. We regularly advise on the validity (or otherwise) of the scope of a request, and assist clients in refusing requests for documents that are either too voluminous or seek only documents that are exempt under the FOI Act. We also assist in the processing of FOI requests, including the review of documentation and assessment for exemption. Once a decision is made, we assist the decision-maker to communicate the basis of their decision. We have also successfully defended appeals and complaints made to the FOI Commissioner in respect of those decisions.
12 April 2021 - Knowledge
We provide an outline of employers’ obligations under the Australian Privacy Principles when collecting, using, storing, and disclosing information about their employee’s vaccination status.
31 March 2021 - Knowledge
A recent European Union decision that directly impacts data transfers from the EU to the United States could also affect Australian organisations seeking to transfer personal data from the EU.
24 March 2021 - Knowledge
In this week’s feature, we provide businesses with an overview of Australia’s data regulation and discuss how they can derive economic value from data in the digital age.
03 March 2021 - Knowledge
The Privacy Commissioner has confirmed the first financial compensation of its kind for non-economic loss to affected individuals in a representative action against the government’s data breach.
23 February 2021 - Knowledge
We discuss some of the Australian Government's proposed amendments to the Critical Infrastructure Act, including enhanced cybersecurity obligations for critical infrastructure assets of national significance and expanded application of the Act to the transport sector.
25 January 2021 - Knowledge
In December 2020, the Australian Government introduced a new surveillance bill to provide the Australian Federal Police and the Australian Criminal Intelligence Commission with new powers to obtain warrants to tackle crime on the dark web. We look at the scope of those proposed new warrants.
22 January 2021 - Knowledge
The recent OAIC determination on Flight Centre’s data breach is a stark reminder on how collaboration events can quickly nosedive after a customer data leak.
18 January 2021 - Knowledge
In this special edition of our fortnightly publication, we reflect on both a tumultuous year for policymakers and on the delivery of government services and the changing times in which the government operates.
25 November 2020 - Knowledge
Local governments collect and manage a considerable range of personal information when delivering services which are so integral in our daily lives.
11 November 2020 - Knowledge
In 2019, the Digital Platforms Inquiry foreshadowed a review of the Privacy Act to strengthen it for the modern era. That review has now been released for public consultation.
14 October 2020 - Knowledge
How is trust in NSW government? Better than you may expect according to the results from the Information and Privacy Commission’s latest community attitudes survey on data sharing, information access and agency assistance.
29 September 2020 - Knowledge
Australians have lost trust in companies’ handling of personal data, according to a recent Office of the Australian Information Commissioner survey.