Information is vital for all organisations. As the quantity and complexity of data increases, together with a growing awareness of individual rights, managing and complying with the various rights of access is now a complex and risky task. Our dedicated team can assist with all aspects of information law.
Since the introduction of the Data Protection Act 2018 and the General Data Protection Regulation, the use, management and protection of personal data has never been more important or high profile. The change in law has heralded a new age of enforcement, with fines of £100s of millions now possible. The expectations of society in relation to our data has changed and clients must ensure that their processes and procedures are fully compliant.
We offer a comprehensive service covering all aspects of information law including:
- Advising on subject access requests
- Data Breach response
- Contractual and commercial data protection issues
- Policies and procedures
- Privacy Notices
- Data Protection Compliance Audits
- Information Sharing Agreements
- International Data Transfers
- Bespoke Data Protection Advice
Alongside our Data Protection practice, we also advise all our public sector clients on the application of the Freedom of Information Act 2000 and the Environmental Regulations 2004. We also have experience of advising on the common law duty of confidentiality and the Access to Health Records Act 1990. We have represented clients in enforcement action taken by the Information Commissioner’s Office and at the First Tier Tribunal.
The latest Information Law news and articles can be found at Bevan Brittan's Insight Information Hub
I have always found Bevan Brittan to be excellent. The information and advice they provide has helped us through some difficult challenges.
We provide a wide range of information law services including:
- Delivering practical and bespoke training and workshops on a range of information law matters including GDPR compliance and cyber-risk issues
- Drafting GDPR compliant internal documentation such data protection policies, data breach procedures, data protection impact assessments and privacy notices
- Providing support with subject access requests and requests for information under FOIA and EIR including reviewing, collating and redacting large quantities of emails and documentation
- Conducting data audits and data mapping exercises which underpin GDPR compliance projects. Preparing compliance strategies and practical action plans based on the audit results
- Reviewing, drafting and updating contracts which involve the sharing or processing of personal data
- Representing organisations in relation to complaints to the Information Commissioner’s Office and appeals to the First Tier and Upper Tribunals.
We provide support to a leading global conglomerate in a range of data protection matters including its responses to subject access requests.
Our role includes collating the thousands of documents which fall within the scope of the requests, collating those documents, reviewing the documents and redacting the documents where an exemption applies.
We advised a healthcare provider on the use of cutting edge and innovative technology in the provision of healthcare for patients. In addition to providing expert advice, our support included the preparation of a GDPR compliant data sharing agreement and the drafting of a privacy impact assessment to map the processing of personal data and establish the lawful basis for such processing.
Advice on the lawful processing of data which may be necessary in order to monitor and safeguard the health of employees, clients and visitors. We can provide support in ensuring that any processing of data in relation to COVID-19 is compliant with GDPR, particularly in relation to the need for transparency and the principle of data minimization.