Organisations, whether they are corporates or government agencies, are increasingly realising the value of their data and technology assets. Having technology work for you can be a definite advantage. But there are pitfalls, particularly as the pace of regulation around data protection, privacy and cyber security continues to increase in Australia and globally. HDY understands the regulatory landscape, and we’re plugged in to the next wave of change and how it will impact our clients.
The importance of protecting the data and extracting the maximum value from it, particularly as businesses embrace cloud-based solutions and have less direct control of where and how their data is stored, cannot be overestimated.
Australian data regulation – in line with what is occurring in jurisdictions globally – is evolving. Businesses and government agencies are responding by building in-house capability and seeking expert advice. Our team can help to ensure you are fully compliant with the requirements of regulators, and your data and reputation are protected in the event of a breach. We help our clients to manage reputational and data risks as they arise either during the normal course of business, or as part of interaction with the regulator.
Having been ranked in The Legal 500 Asia Pacific’s TMT: IT and Telecommunications since 2012 and Chambers Asia-Pacific TMT: IT and Telecommunications since 2012, we are recognised leaders in data protection, privacy and cyber security. Our multidisciplinary, solutions-focused team can help you navigate the full spectrum of data protection, privacy, information law and cyber security issues.
Data protection and privacy
- Privacy by design – developing and implementing privacy frameworks, identifying privacy compliance risks and conducting privacy impact assessments
- Compliance and privacy governance – drafting and advising on privacy policies, notices and consents, internal operational manuals and providing privacy training
- Outsourcing and the cloud – advising on contractual arrangements to address privacy issues relating to outsourcing, offshoring and cloud arrangements and the use of mobile and web-based platforms
- Emerging technology – privacy implications of developments in technology and their application to customer-facing products and services
- Marketing and promotion – privacy and other legal issues relating to promotional and marketing campaigns, including direct marketing regulations
- Big data – the commercialisation of data assets, including re-identification risks
- Privacy complaints and access requests – assisting with requests to access personal information, complaints made to clients and regulators, and requests for external review and compensation.
- Assessment and evaluation of a breach – response and incident plans and other mitigation strategies, including whether notification of regulatory authorities is appropriate/necessary
- Data breach notification – dealing with regulators and advising on the extent to which they need to be, or ought to be, notified of data breaches or cyber attacks
- Criminal and employment issues – data breaches, including white-collar fraud
- Ending cyber attacks – obtaining urgent interlocutory and final relief through the courts against individuals engaged in illegal conduct including hacking and cyber-squatting
- Data breach claims – claims, injunctions and other court orders against third parties to secure information or assets which have been the subject of a data breach and delivery of documents obtained illegally
- Liability – advising on directors' and officers' liabilities arising from data breaches, particularly in relation to regulatory frameworks
- Insurance – advising on cyber-insurance cover and recoverability.