Artboard 1Icons/Ionic/Social/social-pinterest

Data & Privacy

Data is a crucial part of every business environment. It is imperative that all organisations have systems and procedures in place to manage local and international legal requirements as well as maintaining a social licence to operate

Data & Privacy

We have seen some key changes in the privacy space recently: the Australian Federal Government has introduced new mandatory breach notification laws and the European General Data Protection Regulation (GDPR) will have extraterritorial operation and potentially affect Australian businesses.

Expertise

The local mandatory data breach rules provide a reason for many Australian businesses to reconsider the way they collect, process, store, and share secure personal information. Even if one business is not concerned about its data practices, its business partners are likely to be increasingly persistent about transparency of legal compliance.

Our practice covers data in many forms, including business information, big datasets and personal and sensitive information. While we spend significant time advising on the Privacy Act and the Spam Act, the issues around data often crossover into competition law and complex commercialisation arrangements. We also understand managing data and privacy risk involves a range of stakeholders within an organisation and we often work not only with general counsel but internal executive teams including chief data officers, chief security officers, chief risk officers and the regulatory and communications executives.

We can assist with your privacy and data protection concerns by:

  • reviewing current policies and underlying practices
  • training management and frontline staff
  • preparing and implementing policies, codes of conduct, and internal procedures
  • providing advice in crisis situations – such as breaches
  • preparing compliance plans and privacy impact assessment.

Experience

Information Governance Frameworks

We work with senior managers and boards to develop and implement information governance frameworks. This encompasses risk management strategies and often overlaps with other areas of risk and compliance, including anti-corruption. Our primary concern is Privacy Act compliance as well as relevant international requirements so that group policies can align with all relevant jurisdictions. 

Data Breach planning, investigation and response

We can assist you to develop breach response plans, rehearse and scenario plan, prepare in advance your response and investigation planning methodology and team. We also assist in liaising with the Office of the Australian Information Commissioner.

Data Security

Holding Redlich has experience advising international organisations about the collection and use of various elements of personal information in Australia including the ability to use personal information to create derivative statistical and risk assessment products for use in and out of Australia. We also have experience drafting privacy, right to information and data security provisions for commercial contracts for local, State and Federal government agencies, Government owned corporations and statutory authorities.

Regulator investigations and enquiries

  • acting for both corporations and individuals in regulatory investigations and prosecutions
  • assisting clients in managing regulators’ monitoring and enforcement visits
  • advising on and creating compliance and risk management policies and programs tailored to the particular risks faced by different corporations and individuals
  • advising companies, directors and officers involved in external investigations and prosecutions brought by Commonwealth and state agencies.

Open Data frameworks and information access (FOI)

Holding Redlich acts on behalf of applicants and respondents to Freedom of Information requests. We regularly advise on the validity (or otherwise) of the scope of a request, and assist clients in refusing requests for documents that are either too voluminous or seek only documents that are exempt under the FOI Act. We also assist in the processing of FOI requests, including the review of documentation and assessment for exemption. Once a decision is made, we assist the decision-maker to communicate the basis of their decision. We have also successfully defended appeals and complaints made to the FOI Commissioner in respect of those decisions. 

  



Dan Pearce

Dan Pearce

General Counsel

Melbourne

More info
Lyn Nicholson

Lyn Nicholson

General Counsel

Sydney

More info
Andrew Hynd

Andrew Hynd

Partner

Brisbane

More info
Trent Taylor

Trent Taylor

Partner

Brisbane

More info

Recent Posts

18 February 2020 - Knowledge

Data governance – what’s at stake for your business?

#Data & Privacy

With the increased role of regulators in the post-Hayne era, it is now more crucial than ever for corporations to understand how best to manage their data. We look at the key risks are in this increasingly data driven world, and the reasons why businesses should establish a Data Governance Framework to avoid potential damage to their business and falling afoul of the law.

14 February 2020 - Knowledge

Notifiable data breach: Two years on and mostly ‘behind the scenes’

#Data & Privacy

This month marks two years since the introduction of Australia’s notifiable data breach scheme. We look back on key events and learnings from the data and privacy space over this time, and outline why businesses should continually review their privacy practices.

11 February 2020 - Knowledge

California sets new standard for privacy in the US

#Data & Privacy

From the start of this year, the US has a new high water mark for privacy regulation. The California Consumer Privacy Act has come in to effect, and it can apply to entities located outside that state. 

14 January 2020 - Knowledge

Government Bulletin – summer edition

#Government, #Construction & Infrastructure, #Corporate & Commercial Law, #Data & Privacy, #Planning, Environment & Sustainability, #Property & Real Estate, #Workplace Relations & Safety

In this special edition of our fortnightly publication, we put a spotlight on the government’s ongoing digital transformation and take a close look at some of the key trends and issues as a result of this digitisation.

10 December 2019 - Knowledge

Employment and privacy in the surveillance age

#Data & Privacy

Employers collecting employee data to manage risk and business activities will need to exercise caution, a recent media report suggests. We outline the complex legal issues.

10 December 2019 - Knowledge

Expert guide: Be ready for 2020

#Agribusiness, #Corporate & Commercial Law, #Data & Privacy, #Immigration Law, #Native Title, #Planning, Environment & Sustainability, #Property & Real Estate, #Technology, Media & Telecommunications, #Transport, Shipping & Logistics, #Workplace Relations & Safety, #Procurement

New whistleblower requirements, increased pressure to protect data globally, turbulence in the communications sector, and intensifying drought management issues - 2020 is set to be a significant time of change across many industries.

04 December 2019 - Knowledge

Key issues for the communications sector in 2019, 2020 and beyond

#Technology, Media & Telecommunications, #Data & Privacy

Following the recent Law Council of Australia Media and Communications 2019 seminar hosted by Holding Redlich in Sydney, we wrap up the major points made by the two key note speakers, ACCC Chair Rod Sims and Australian Privacy Commissioner Angelene Falk.

23 October 2019 - Knowledge

Privacy in 2019: Breaches are up but fines are down?

#Data & Privacy

In our last instalment on the IAPP EY 2019 Privacy Governance Report, we look at why enforcement actions don’t catch up with the high number of data breaches.

16 October 2019 - Knowledge

Privacy in 2019: A growing demand for individuals accessing their personal data

#Data & Privacy

Results from the 2019 Privacy Governance Report released by EY and the International Association of Privacy Professionals are telling. We deep dive into the chapter devoted to data subject requests, also known as data subject access requests, and consider what is happening in the US and the EU with individuals seeking access to their data and how it is impacting businesses.

09 October 2019 - Knowledge

Privacy in 2019: Who’s in your privacy team?

#Data & Privacy

In the second of our series on the IAPP EY Privacy Report, we look at the global trends and changing face of privacy management within organisations, and the long-running question of where privacy should, and does, fit within the executive management team.

30 September 2019 - Knowledge

Privacy in 2019: How does your privacy budget compare?

#Data & Privacy, #Technology, Media & Telecommunications

Over the next five weeks, we take a look at key takeaways from the recently released Privacy Governance Report. This week: Why privacy budgets need to increase to respond to the upsurge in regulation.

25 September 2019 - Knowledge

Near monopolies in a fragmented market: ACCC targets ad tech in Digital Platforms Inquiry Report

#Technology, Media & Telecommunications, #Data & Privacy

In its final Digital Platforms Inquiry Report, the ACCC raises significant concerns over a number of competition and privacy issues impacting the ad tech supply chain relating to online advertising.