In the past year we've witnessed a substantial change in data protection regulation, particularly in the EU.
Developments include cyber-security concerns, fintech, a focus on digital innovation in the public and private sectors, and the development of analytics involving big data.
The arrival of the EU General Data Protection Regulation (with the potential of fines of up to 4% of annual global turnover for non-compliance) as well as other significant developments such as the safe harbor ruling, the EU-US privacy shield and the potential for class actions for privacy breaches, makes this a critical area of risk for our clients.
Our global data protection and cyber security group advise on all aspects of data protection and privacy regulation, as well as on Freedom of Information legislation and related matters.
Our broad experience allows us to assist in navigating the opportunities created and the numerous challenges posed by data protection regulation. We can ensure there is a proper lawful basis for the processing of data and help you implement compliant data governance principles. We can advise on the appropriate levels of security and legalities of transferring and exporting data, including in relation to cloud storage arrangements. We have developed privacy impact assessments for large, complex projects, including major public sector projects and can assist you with privacy by design principles.
We particularly advise in relation to:
- Compliance issues
- Data protection policies
- Privacy audits and impact assessments
- Data subject access requests
- GDPR compliance
- International data transfers
- Data security and breach response plans
- Dealing with regulators
- Privacy-related dispute resolution