Icons/Ionic/Social/social-pinterest

Data & Privacy

Data is a crucial part of every business environment. It is imperative that all organisations have systems and procedures in place to manage local and international legal requirements as well as maintaining a social licence to operate

Data & Privacy

We have seen some key changes in the privacy space recently: the Australian Federal Government has introduced new mandatory breach notification laws and the upcoming European General Data Protection Regulation (GDPR) will have extraterritorial operation and potentially affect Australian businesses.

Expertise

The local mandatory data breach rules provide a reason for many Australian businesses to reconsider the way they collect, process, store, and share secure personal information. Even if one business is not concerned about its data practices, its business partners are likely to be increasingly persistent about transparency of legal compliance.

Our practice covers data in many forms, including business information, big datasets and personal and sensitive information. While we spend significant time advising on the Privacy Act and the Spam Act, the issues around data often crossover into competition law and complex commercialisation arrangements. We also understand managing data and privacy risk involves a range of stakeholders within an organisation and we often work not only with general counsel but internal executive teams including chief data officers, chief security officers, chief risk officers and the regulatory and communications executives.

We can assist with your privacy and data protection concerns by:

  • reviewing current policies and underlying practices
  • training management and frontline staff
  • preparing and implementing policies, codes of conduct, and internal procedures
  • providing advice in crisis situations – such as breaches
  • preparing compliance plans and privacy impact assessment.

Experience

Information Governance Frameworks

We work with senior managers and boards to develop and implement information governance frameworks. This encompasses risk management strategies and often overlaps with other areas of risk and compliance, including anti-corruption. Our primary concern is Privacy Act compliance as well as relevant international requirements so that group policies can align with all relevant jurisdictions. 

Data Breach planning, investigation and response

We can assist you to develop breach response plans, rehearse and scenario plan, prepare in advance your response and investigation planning methodology and team. We also assist in liaising with the Office of the Australian Information Commissioner.

Data Security

Holding Redlich has experience advising international organisations about the collection and use of various elements of personal information in Australia including the ability to use personal information to create derivative statistical and risk assessment products for use in and out of Australia. We also have experience drafting privacy, right to information and data security provisions for commercial contracts for local, State and Federal government agencies, Government owned corporations and statutory authorities.

Regulator investigations and enquiries

  • acting for both corporations and individuals in regulatory investigations and prosecutions
  • assisting clients in managing regulators’ monitoring and enforcement visits
  • advising on and creating compliance and risk management policies and programs tailored to the particular risks faced by different corporations and individuals
  • advising companies, directors and officers involved in external investigations and prosecutions brought by Commonwealth and state agencies.

Open Data frameworks and information access (FOI)

Holding Redlich acts on behalf of applicants and respondents to Freedom of Information requests. We regularly advise on the validity (or otherwise) of the scope of a request, and assist clients in refusing requests for documents that are either too voluminous or seek only documents that are exempt under the FOI Act. We also assist in the processing of FOI requests, including the review of documentation and assessment for exemption. Once a decision is made, we assist the decision-maker to communicate the basis of their decision. We have also successfully defended appeals and complaints made to the FOI Commissioner in respect of those decisions. 

Dan Pearce

Dan Pearce

Partner

Melbourne

More info
Trent Taylor

Trent Taylor

Partner

Brisbane

More info
Greg Wrobel

Greg Wrobel

Partner

Sydney

More info
Paul Venus

Paul Venus

Managing Partner

Brisbane

More info
Lyn Nicholson

Lyn Nicholson

General Counsel

Sydney

More info

Recent Posts

02 April 2019 - Knowledge

ACCC releases draft rules for Consumer Data Right

#Data & Privacy

The ACCC has released the draft rules governing the implementation of Consumer Data Right – you have until 10 May 2019 to have your say.

27 March 2019 - Knowledge

Proposed changes to information regulations for online platforms and increased funding for privacy regulator

#Data & Privacy, #Corporate & Commercial Law

We take a look at the tougher penalties announced for privacy breaches, new restrictions on social media companies and $25 million in additional funding for the privacy regulator.

06 March 2019 - Knowledge

Is your business ready for a data breach?

#Data & Privacy

Is your board asking about what steps you have in place in order to deal with a crisis? Has your executive team done the preparation to manage a suspected breach? We outline why it is crucial to plan now, before a crisis breaks.

25 February 2019 - Knowledge

Avoiding privacy risks: Is your executive team staying on the case?

#Data & Privacy

The last year has seen huge changes in the privacy and data protection landscape, some of which may have been foreseeable and some may have caught businesses and individuals by surprise.

12 February 2019 - Knowledge

Delays to implementation of Australia’s open banking regime

#Data & Privacy

The open banking regime that was set to commence in July 2019 promoting transparency and allowing data sharing for consumers, has been delayed by a further eight months to allow for testing.

30 January 2019 - Knowledge

Queensland government bulletin

#Government, #Local Government, #Data & Privacy, #Technology, Media & Communications, #Procurement, #Planning, Environment & Sustainability

In this special edition of our Queensland Government Bulletin publication, our team looks at the issues and reforms that emerged over 2018 in key areas affecting government - and also cast forward to examine the expected major trends and developments for 2019.

21 January 2019 - Knowledge

72 hours and counting… New APRA standard sets timeframe for notification of material info security incidents

#Data & Privacy

The content of a recently released APRA CPS Standard (Standard) which will apply from 1 July 2019 broadens the obligations of APRA-regulated entities beyond other cybersecurity obligations, including relevant provisions in the Privacy Act 1988 (Cth).

10 January 2019 - Knowledge

NSW Government Bulletin - summer edition

#Construction & Infrastructure, #Data & Privacy, #Technology, Media & Communications, #Procurement, #Planning, Environment & Sustainability

In this special edition of our fortnightly publication, we take a magnifying glass to the issues and reforms that emerged over 2018 in key areas affecting government. We also cast forward to examine the expected major trends and developments for 2019.

12 December 2018 - Knowledge

2018 year in review - the top issues and where to next

#Corporate & Commercial Law, #Workplace Relations & Safety, #Data & Privacy, #Competition & Consumer Law, #Procurement, #Property & Real Estate, #Technology, Media & Communications, #Transport, Shipping & Logistics, #Construction & Infrastructure

As 2018 rapidly draws to a close, our practice group experts take a magnifying glass to the top issues from the year - and outline what they expect to dominate in 2019.

12 December 2018 - Knowledge

The Equifax data breach – A last 2018 word from the US House of Representatives

#Data & Privacy

While we thought the UK fine for Equifax was the last word on the topic for 2018, the US House of Representatives Committee on Oversight and Government Reform released its report into the 2017 Equifax data breach.

04 December 2018 - Knowledge

Are boards skilled for managing technological risk?

#Data & Privacy

The Governance Institute of Australia recently held their annual conference with a focus on considering the risk universe and in particular, the board skills necessary for dealing with technological risk.

07 November 2018 - Knowledge

Ethical data use: How is this relevant in Australia in 2018?

#Data & Privacy

Do companies need an ethics committee for their data analytics? Here we showcase some thoughts from key international organisations