• I am an information law specialist with particular expertise in advising clients on the new Data Protection regime including compliance with the General Data Protection Regulation and the Data Protection Act 2018. My work also covers all aspects of information law and privacy including the Freedom of Information Act 2000, Environmental Information Regulations 2004, Access to Health Records Act 1990 and the Common Law Duty of Confidence. I have advised clients on data breaches and enforcement action taken by the ICO.

    I have experience of conducting data protection compliance audits for clients and drafting information sharing agreements, policies, data flows and protocols. I have advised extensively on the impact of GDPR and provide regular training to clients on compliance and regulatory issues. Given the level of complexity and uncertainty in relation to information law, I pride myself on providing practical advice and identifying solutions for clients.

    My experience covers all sectors, but I have a particular understanding of the health sector and was previously the Head of Legal at a NHS Foundation Trust.

    I have experience of advising clients on more general healthcare matters including best interests cases, child protection issues and medical ethics. I also have experience of regulatory law including acting for and on behalf of regulators in professional discipline matters alongside advising on compliance with a number of compliance regimes including the CQC.

     

  • Career Highlights include:

    • Advising on information sharing agreements between a CCG and NHS England for the sharing of information;
    • Successfully representing a Hospital Trust in refusing an application by the Sun newspaper for disclosure of the medical records of Baby P;
    • Managing and responding to complex and wide ranging FOI requests and Subject Access Requests made to Local Authorities for disclosure in relation to the Baby P case;
    • Defending a Local Authority being sued by an individual for compensation under Section 13 of the Data Protection Act 1998 where a data breach caused him to suffer Post Traumatic Stress Disorder;
    • Advising a private healthcare provider on a breach of the DPA which resulted in a large number of patient records being lost. Liaising with the ICO on behalf of the client that resulted in no further action being taken;
    • Representing a Hospital Trust in relation to an FOI request before the First Tier Tribunal;
    • Advising on information sharing and disclosure of medical records to the Police and other agencies;
    • Appointed to advise Costain in relation to the Blacklisting Data Protection scandal;
    • Managing and conducting data protection audits and managing complex Subject Access Requests on behalf of clients.