Data is a crucial part of every business environment. It is imperative that all organisations have systems and procedures in place to manage local and international legal requirements as well as maintaining a social licence to operate
We have seen some key changes in the privacy space recently: the Australian Federal Government has introduced new mandatory breach notification laws and the European General Data Protection Regulation (GDPR) will have extraterritorial operation and potentially affect Australian businesses.
The local mandatory data breach rules provide a reason for many Australian businesses to reconsider the way they collect, process, store, and share secure personal information. Even if one business is not concerned about its data practices, its business partners are likely to be increasingly persistent about transparency of legal compliance.
Our practice covers data in many forms, including business information, big datasets and personal and sensitive information. While we spend significant time advising on the Privacy Act and the Spam Act, the issues around data often crossover into competition law and complex commercialisation arrangements. We also understand managing data and privacy risk involves a range of stakeholders within an organisation and we often work not only with general counsel but internal executive teams including chief data officers, chief security officers, chief risk officers and the regulatory and communications executives.
We can assist with your privacy and data protection concerns by:
We work with senior managers and boards to develop and implement information governance frameworks. This encompasses risk management strategies and often overlaps with other areas of risk and compliance, including anti-corruption. Our primary concern is Privacy Act compliance as well as relevant international requirements so that group policies can align with all relevant jurisdictions.
We can assist you to develop breach response plans, rehearse and scenario plan, prepare in advance your response and investigation planning methodology and team. We also assist in liaising with the Office of the Australian Information Commissioner.
Holding Redlich has experience advising international organisations about the collection and use of various elements of personal information in Australia including the ability to use personal information to create derivative statistical and risk assessment products for use in and out of Australia. We also have experience drafting privacy, right to information and data security provisions for commercial contracts for local, State and Federal government agencies, Government owned corporations and statutory authorities.
Holding Redlich acts on behalf of applicants and respondents to Freedom of Information requests. We regularly advise on the validity (or otherwise) of the scope of a request, and assist clients in refusing requests for documents that are either too voluminous or seek only documents that are exempt under the FOI Act. We also assist in the processing of FOI requests, including the review of documentation and assessment for exemption. Once a decision is made, we assist the decision-maker to communicate the basis of their decision. We have also successfully defended appeals and complaints made to the FOI Commissioner in respect of those decisions.
09 July 2019 - Knowledge
If Australian businesses conducting activities in the EU were not already paying attention to the General Data Protection Regulation introduced in Europe last May, they should be now.
01 July 2019 - Knowledge
Financial services in Australia are now subject to increased cyber-security and information security regulation.
18 June 2019 - Knowledge
A recent case where an employee was dismissed for refusing to give his fingerprint record to his employer has prompted significant debate about privacy issues in the workplace. The dismissal was ultimately found to be unfair and the employer in breach of privacy laws but the case has raised some important privacy issues. We list the key privacy lessons from the case and outline how employers can create a robust privacy and data protection environment.
21 May 2019 - Knowledge
#Construction & Infrastructure, #Corporate & Commercial Law, #Data & Privacy, #Immigration Law, #Planning, Environment & Sustainability, #Renewable Energy, #Superannuation, Funds Management & Financial Services, #Taxation – Disputes & Litigation, #Workplace Relations & Safety
After a momentous weekend in federal politics, all eyes are now turning to what policies are set to be delivered and what their impact will be on business and the economy.
14 May 2019 - Knowledge
Don’t be in the dark on risks relating to privacy! General Counsel Lyn Nicholson recaps the Global Privacy summit and the impact data risk has on businesses globally.
18 April 2019 - Knowledge
We take a look at cybersquatting - and how you can take action against it.
27 March 2019 - Knowledge
We take a look at the tougher penalties announced for privacy breaches, new restrictions on social media companies and $25 million in additional funding for the privacy regulator.
06 March 2019 - Knowledge
Is your board asking about what steps you have in place in order to deal with a crisis? Has your executive team done the preparation to manage a suspected breach? We outline why it is crucial to plan now, before a crisis breaks.
25 February 2019 - Knowledge
The last year has seen huge changes in the privacy and data protection landscape, some of which may have been foreseeable and some may have caught businesses and individuals by surprise.
12 February 2019 - Knowledge
The open banking regime that was set to commence in July 2019 promoting transparency and allowing data sharing for consumers, has been delayed by a further eight months to allow for testing.
30 January 2019 - Knowledge
In this special edition of our Queensland Government Bulletin publication, our team looks at the issues and reforms that emerged over 2018 in key areas affecting government - and also cast forward to examine the expected major trends and developments for 2019.