Data is a crucial part of every business environment. It is imperative that all organisations have systems and procedures in place to manage local and international legal requirements as well as maintaining a social licence to operate
We have seen some key changes in the privacy space recently: the Australian Federal Government has introduced new mandatory breach notification laws and the European General Data Protection Regulation (GDPR) will have extraterritorial operation and potentially affect Australian businesses.
The local mandatory data breach rules provide a reason for many Australian businesses to reconsider the way they collect, process, store, and share secure personal information. Even if one business is not concerned about its data practices, its business partners are likely to be increasingly persistent about transparency of legal compliance.
Our practice covers data in many forms, including business information, big datasets and personal and sensitive information. While we spend significant time advising on the Privacy Act and the Spam Act, the issues around data often crossover into competition law and complex commercialisation arrangements. We also understand managing data and privacy risk involves a range of stakeholders within an organisation and we often work not only with general counsel but internal executive teams including chief data officers, chief security officers, chief risk officers and the regulatory and communications executives.
We can assist with your privacy and data protection concerns by:
We work with senior managers and boards to develop and implement information governance frameworks. This encompasses risk management strategies and often overlaps with other areas of risk and compliance, including anti-corruption. Our primary concern is Privacy Act compliance as well as relevant international requirements so that group policies can align with all relevant jurisdictions.
We can assist you to develop breach response plans, rehearse and scenario plan, prepare in advance your response and investigation planning methodology and team. We also assist in liaising with the Office of the Australian Information Commissioner.
Holding Redlich has experience advising international organisations about the collection and use of various elements of personal information in Australia including the ability to use personal information to create derivative statistical and risk assessment products for use in and out of Australia. We also have experience drafting privacy, right to information and data security provisions for commercial contracts for local, State and Federal government agencies, Government owned corporations and statutory authorities.
Holding Redlich acts on behalf of applicants and respondents to Freedom of Information requests. We regularly advise on the validity (or otherwise) of the scope of a request, and assist clients in refusing requests for documents that are either too voluminous or seek only documents that are exempt under the FOI Act. We also assist in the processing of FOI requests, including the review of documentation and assessment for exemption. Once a decision is made, we assist the decision-maker to communicate the basis of their decision. We have also successfully defended appeals and complaints made to the FOI Commissioner in respect of those decisions.
10 September 2019 - Knowledge
The latest quarterly Notifiable Data Breach Report confirms that employees remain the weakest link when it comes to protecting personal information against unauthorised access and disclosure.
19 August 2019 - Knowledge
The Australian Competition & Consumer Commission has announced that it had commenced legal proceedings in the Federal Court against the online platform, HealthEngine Pty Ltd alleging that a number of its practices constitute misleading and deceptive conduct in breach of the Australian Consumer Law.
13 August 2019 - Knowledge
Showing we have a strong and engaged privacy community in Sydney, we had an excellent discussion at a well-attended event hosted by Holding Redlich yesterday evening. We wrap up the key issues.
02 August 2019 - Knowledge
Legislation creating the highly anticipated Consumer Data Right has been passed by the Australian Federal Government. Formal commencement is expected to begin in February 2020. Read our overview to understand how you are affected.
01 August 2019 - Knowledge
Following a year-long investigation into Facebook’s role in the Cambridge Analytica privacy saga, the US Federal Trade Commission and Facebook have reached a settlement whereby Facebook will be required to pay US $5.1 billion for violating a previous settlement order with the FTC.
09 July 2019 - Knowledge
If Australian businesses conducting activities in the EU were not already paying attention to the General Data Protection Regulation introduced in Europe last May, they should be now.
01 July 2019 - Knowledge
Financial services in Australia are now subject to increased cyber-security and information security regulation.
18 June 2019 - Knowledge
A recent case where an employee was dismissed for refusing to give his fingerprint record to his employer has prompted significant debate about privacy issues in the workplace. The dismissal was ultimately found to be unfair and the employer in breach of privacy laws but the case has raised some important privacy issues. We list the key privacy lessons from the case and outline how employers can create a robust privacy and data protection environment.
21 May 2019 - Knowledge
#Construction & Infrastructure, #Corporate & Commercial Law, #Data & Privacy, #Immigration Law, #Planning, Environment & Sustainability, #Renewable Energy, #Superannuation, Funds Management & Financial Services, #Taxation – Disputes & Litigation, #Workplace Relations & Safety
After a momentous weekend in federal politics, all eyes are now turning to what policies are set to be delivered and what their impact will be on business and the economy.
14 May 2019 - Knowledge
Don’t be in the dark on risks relating to privacy! General Counsel Lyn Nicholson recaps the Global Privacy summit and the impact data risk has on businesses globally.
18 April 2019 - Knowledge
We take a look at cybersquatting - and how you can take action against it.