Privacy & Data Protection
Once considered an afterthought for many organisations, privacy compliance is now a priority for Australian businesses as privacy data breaches continue to make headlines and consumers (and the law) demand transparency.
Practice lead: Ian Rosenfeld
We can help with:
Businesses operating in Australia are subject to a kaleidoscope of constantly evolving privacy obligations. If your business collects information about individuals, you need to be sure you are not in breach of the privacy regulations that apply to your business and the industry in which it operates.
Understanding your organisation’s obligations is the first step to protecting you from costly compliance issues and also establish your business as trustworthy in the eyes of your customers.
Our expert team of privacy lawyers can assist your business deal with privacy law issues arising from your business activities.
There is no “one size fits all” approach to privacy. We understand that your business’ privacy policies and practices need to fit seamlessly together your business’ broader commercial considerations and reflect the needs and expectations of your stakeholders.
We provide a practical, tailored approach to privacy compliance, and assist your business balance its obligations, while also maximize the potential of the information that you hold.
Privacy and Data Protection Audit
- Understanding your business’ privacy and data protection obligations
- Reviewing existing processes, procedures and documents
- Advising as to recommended improvements in practices to ensure compliance
Policies and training
- Reviewing and preparing your business’ corporate privacy policies and other operational documents (including Collection Notices)
- Prepare a Data Breach Response Plan and establishing supporting practices
- Providing practical and tailored training for management and staff
Improving business practices
- Assisting with navigating privacy and SPAM legislative requirements in the context of day-to-day business operations such as marketing and finance activities
- Assisting your business to realise the value and usability of data that you collect and hold
Breach or Investigation: assisting in critical situations
- Assisting with assessing a suspected data breach
- Advising in relation to notification requirements
- Advising in respect of an investigation or audit by the Office of the Australian Information Commissioner or Privacy Commissioner
Our experience
We have experience advising public and private sector businesses across a wide variety of industries with their privacy requirements, including:
- a membership based industry association in relation to a variety of privacy issues, including in relation to marketing activities, overseas disclosure of personal information, outsourcing activities and responding to complaints
- a privately owned health services business in relation to a suspected data breach triggered by a disgruntled employee
- a national not-for-profit organisation in relation to its use of donor information for the purpose of direct marketing
- the Australian subsidiary of a listed European entity in respect of its privacy and data protection obligations arising under a significant state government services contract and assisting the entity to implement practical compliance measures
- a medical software developer with Australian and Asian market presence in relation to implementing a seamless but transparent approach to compliance when collecting personal information and data through perioperative medical devices
- senior management and staff in the aged care, not-for-profit, construction and professional services industries in relation to their business’ privacy obligations, in tailored seminar and workshop formats