Data is a crucial part of every business environment. It is imperative that all organisations have systems and procedures in place to manage local and international legal requirements as well as maintaining a social licence to operate
We have seen some key changes in the privacy space recently: the Australian Federal Government has introduced new mandatory breach notification laws and the European General Data Protection Regulation (GDPR) will have extraterritorial operation and potentially affect Australian businesses.
The local mandatory data breach rules provide a reason for many Australian businesses to reconsider the way they collect, process, store, and share secure personal information. Even if one business is not concerned about its data practices, its business partners are likely to be increasingly persistent about transparency of legal compliance.
Our practice covers data in many forms, including business information, big datasets and personal and sensitive information. While we spend significant time advising on the Privacy Act and the Spam Act, the issues around data often crossover into competition law and complex commercialisation arrangements. We also understand managing data and privacy risk involves a range of stakeholders within an organisation and we often work not only with general counsel but internal executive teams including chief data officers, chief security officers, chief risk officers and the regulatory and communications executives.
We can assist with your privacy and data protection concerns by:
We work with senior managers and boards to develop and implement information governance frameworks. This encompasses risk management strategies and often overlaps with other areas of risk and compliance, including anti-corruption. Our primary concern is Privacy Act compliance as well as relevant international requirements so that group policies can align with all relevant jurisdictions.
We can assist you to develop breach response plans, rehearse and scenario plan, prepare in advance your response and investigation planning methodology and team. We also assist in liaising with the Office of the Australian Information Commissioner.
Holding Redlich has experience advising international organisations about the collection and use of various elements of personal information in Australia including the ability to use personal information to create derivative statistical and risk assessment products for use in and out of Australia. We also have experience drafting privacy, right to information and data security provisions for commercial contracts for local, State and Federal government agencies, Government owned corporations and statutory authorities.
Holding Redlich acts on behalf of applicants and respondents to Freedom of Information requests. We regularly advise on the validity (or otherwise) of the scope of a request, and assist clients in refusing requests for documents that are either too voluminous or seek only documents that are exempt under the FOI Act. We also assist in the processing of FOI requests, including the review of documentation and assessment for exemption. Once a decision is made, we assist the decision-maker to communicate the basis of their decision. We have also successfully defended appeals and complaints made to the FOI Commissioner in respect of those decisions.
18 February 2020 - Knowledge
With the increased role of regulators in the post-Hayne era, it is now more crucial than ever for corporations to understand how best to manage their data. We look at the key risks are in this increasingly data driven world, and the reasons why businesses should establish a Data Governance Framework to avoid potential damage to their business and falling afoul of the law.
14 February 2020 - Knowledge
This month marks two years since the introduction of Australia’s notifiable data breach scheme. We look back on key events and learnings from the data and privacy space over this time, and outline why businesses should continually review their privacy practices.
11 February 2020 - Knowledge
From the start of this year, the US has a new high water mark for privacy regulation. The California Consumer Privacy Act has come in to effect, and it can apply to entities located outside that state.
14 January 2020 - Knowledge
In this special edition of our fortnightly publication, we put a spotlight on the government’s ongoing digital transformation and take a close look at some of the key trends and issues as a result of this digitisation.
10 December 2019 - Knowledge
#Agribusiness, #Corporate & Commercial Law, #Data & Privacy, #Immigration Law, #Native Title, #Planning, Environment & Sustainability, #Property & Real Estate, #Technology, Media & Telecommunications, #Transport, Shipping & Logistics, #Workplace Relations & Safety, #Procurement
New whistleblower requirements, increased pressure to protect data globally, turbulence in the communications sector, and intensifying drought management issues - 2020 is set to be a significant time of change across many industries.
04 December 2019 - Knowledge
Following the recent Law Council of Australia Media and Communications 2019 seminar hosted by Holding Redlich in Sydney, we wrap up the major points made by the two key note speakers, ACCC Chair Rod Sims and Australian Privacy Commissioner Angelene Falk.
23 October 2019 - Knowledge
In our last instalment on the IAPP EY 2019 Privacy Governance Report, we look at why enforcement actions don’t catch up with the high number of data breaches.
16 October 2019 - Knowledge
Results from the 2019 Privacy Governance Report released by EY and the International Association of Privacy Professionals are telling. We deep dive into the chapter devoted to data subject requests, also known as data subject access requests, and consider what is happening in the US and the EU with individuals seeking access to their data and how it is impacting businesses.
09 October 2019 - Knowledge
In the second of our series on the IAPP EY Privacy Report, we look at the global trends and changing face of privacy management within organisations, and the long-running question of where privacy should, and does, fit within the executive management team.
30 September 2019 - Knowledge
Over the next five weeks, we take a look at key takeaways from the recently released Privacy Governance Report. This week: Why privacy budgets need to increase to respond to the upsurge in regulation.
25 September 2019 - Knowledge
In its final Digital Platforms Inquiry Report, the ACCC raises significant concerns over a number of competition and privacy issues impacting the ad tech supply chain relating to online advertising.