Data privacy and information law


Data privacy and information law impacts organisations of all sizes who deal with data - whether large multi-nationals or start-ups, in the public or private sector. Using and sharing personal data in an ethical way demonstrates good governance, enhances your reputation and business value, and protects one of your largest assets.

We understand that personal data is a fundamental tool for your organisation. We also understand that data privacy is a fundamental right for individuals. Our team provides expert advice on balancing those competing interests, making data work for you to drive change whilst protecting your organisation from unwanted public and regulatory scrutiny.

From guiding you through changes in law and regulatory issues, helping you plan new projects, develop services and implement new technologies, to responding to cyber-attacks and other data breaches, we have a wealth of experience in managing data protection and other information issues at every stage.

Our team of data protection experts in our UK offices work alongside our international network and our wider teams across key industry sectors and provide commercial solutions and practical advice on how you can protect your business interests. We can assist with:

Data protection by design and default

  • Undertaking audits, gap analysis and data protection health checks to assess key risks to your organisation, and advice on privacy impact assessments.
  • Advising on compliance with Data Protection Legislation.
  • Provision of bespoke training for all levels of your organisation.
  • Advising on and dealing with Data Subject Access Requests from individuals, including employees, and using technology to manage those efficiently.

Commercial Agreements

  • Drafting and negotiating agreements with a data or technology focus, including software, payroll, data hosting, marketing and commercial exploitation of data
  • Advising on the data protection aspects of new technologies and service provision, including on all aspects of IT related issues and the use of AI to analyse data.
  • Advising on sharing data with third parties and within group companies, whether sharing on a controller to controller basis or the appointment of processors or sub-processors.
  • Advising upon compliant international transfers of data.
  • Advising upon effective anonymisation or pseudonymisation of personal data.

Employment

  • Advising on all aspects of compliance from an HR point of view, including policies, procedures and employer obligations in relation to employment services such as payroll, secondments and outsourcing.
  • Managing and advising on Data Subject Access requests, particularly in the context of threatened or on-going Employment Tribunal proceedings.
  • Managing employment data breaches and the associated HR issues arising.

Data Breach Response and Dispute Resolution

  • Creating and implementing breach response plans to protect data and mitigate key business risks, including engaging and liaising with forensic IT experts and consultants, PR and Communications teams, and legal advisors in other jurisdictions.
  • Liaising with the Information Commissioner's Office in respect of any formal investigations and complaints and managing reports to regulators, stakeholders and individuals.
  • Acting urgently to protect misappropriated information from being dissipated or misused and advising on potential losses and strategic options for recovery, and acting in proceedings brought by individuals affected by a data breach or cyber attack.

In brief

  • Advising clients operating in real estate, housing, retail, healthcare, education, technology, construction, energy and the public sector, SMEs.
  • Commercial agreements, information sharing protocols, privacy policies, use of website terms
  • Compliant international transfers
  • Employment – advising on all aspects of compliance
  • Data breach response – developing strategy to minimise risks arising from data breaches and cyber-attacks
  • Privacy Impact Assessments – data protection audits, gap analysis and high level “health checks” to assess key areas of risk
  • Dispute resolution – whether in relation to an investigation by the Information Commissioner or a contractual dispute
  • Member of Interlaw, the ‘Elite Global Law Firm network,’ with lawyers in more than 150 cities worldwide
Insight

Podcast: Secure communication is king

Explore
Insight

Whitepaper launch: Enhancing Cyber Resilience in Supply Chains 

Explore
News

October marks National Cyber Security Awareness Month

Explore
News

Trowers comments: Reforming the UK data protection landscape

Explore
Insight

Cyber attack guidance for Joint Ventures in the Construction Industry

Explore
Insight

The Data Protection and Digital Information Bill: what's in store?

Explore