Every organisation needs to address data protection, confidentiality, information security, cyber risks, data breaches and freedom of information as part of their compliance and risk management policies and procedures.
With heightened media attention on data breaches coupled with increased consumer awareness of their rights, strengthened regulatory powers and the soaring potential for punitive fines, it's important that businesses recognise and understand their duties on the use and storage of information about people and products.
The Data Protection & Information team at Charles Russell Speechlys provides global contentious and non-contentious advice to both growing and established companies, and is recognised for providing support that goes beyond straight-forward legal services. We provide multi-jurisdictional project management and consultancy services, and train and educate our clients to ensure they comply with global laws and regulations. As a result, many clients recognise us as their trusted advisers in this area.
We are up to the minute with the latest data protection requirements and can give you practical advice on everything from data retention and email marketing issues, to the handling of sensitive information and data transfers (including overseas).
We also work closely with our corporate and commercial colleagues to ensure data protection due diligence is met during mergers and acquisitions, outsourcing agreements, or other transfer of undertakings.
We often review the data handling procedures adopted by HR departments, including the standard forms used for applications, references, appraisals and other employment related matters.
Our breadth of experience, and passion for data protection and information security, means the team is well placed to provide co-ordinated and competitively priced international services. We have the capacity and understanding to compete at the highest level on knowledge, commercial solutions and quality of leading edge advice.
News & Insights
Uber data breach highlights notification obligations and GDPR impact
On 21 November 2017, it was reported that Uber had suffered a hack resulting in the unauthorised access of personal data.
GDPR for IT Services: Keeping compliance at the heart of the controller/processor relationship
This paper looks at measures processors can take to assist controllers to comply with GDPR and to adequately manage the associated risk.
The Network and Information Systems Directive: An overview and consideration of the UK Implementation Consultation
This article considers the NIS Directive and the UK Government’s transposition proposals set out in the August 2017 consultation paper