We offer a wide range of data protection and privacy services to local, national and multinational organisations.
Both Deirdre Crowley and Eimear Boyle of our office are members of the International Association of Privacy Professionals and are on track to become ISO 17024:2012 accredited privacy practitioners in early 2018.
The GDPR is one of the most wide-ranging pieces of legislation passed by the EU in recent times. It requires a root and branch change in organisations’ cultures and attitudes towards data protection and privacy. GDPR compliance should be on all organisation’s agendas in advance of the implementation date of 25 May 2018 and we are available to advise on how your organisation can become GDPR fit. We assist by providing advices and assistance in the following areas:
We also advise in relation to issues such as data subject access requests, particularly within the sphere of employment law. These requests can become complex and time consuming for clients and we are well placed to advise on organisations’ obligations and any applicable exemptions.
We regularly advise clients on data breaches within their organisations. This includes advice on reporting and notification requirements, mitigation, liaising with the Office of the Data Protection Commissioner, liaising with insurers and data subjects and conducting assessments to future proof organisations from risk.
We work with a range of providers in the cyber security sector. These working relationships typically arise in dealing with data breaches and we have significant experience working with forensic IT experts and IT security experts in the aftermath of breaches in order to establish the causes and effects of breaches, managing the breach notification requirements and advising on corrective action measures so that breaches are not repeated in the future.
We routinely work with call center providers to set up communication platforms in the aftermath of a breach, with public relations companies and the appointed inspectors within the breach notification department of the Data Protection Commissioner’s Office.
We offer an outsourced Data Protection Officer function. Further information in relation to this service can be found here.
We have significant experience in assisting organisations to become GDPR ready and putting the necessary measures in place in advance of May 2018.
We regularly work with our clients in undertaking these projects, in providing training and drafting necessary documentation such as processing agreements and policies.
We regularly work with the Office of the Data Protection Commissioner in relation to audits and investigations being carried out in our client’s organisations. We have dealt with the Office of the Data Protection Commissioner on many occasions in relation to reportable data breaches on behalf of our clients and through a collaborative and partnership approach it is often the case that no further action in terms of fines and penalties arise.
We have also worked closely with the fraud investigations department in An Garda Síochána to manage serious cyber-attacks.
We have significant experience in data protection, privacy, defamation and reputational damage litigation before the Circuit, High and Supreme Courts.
We assist with client’s management of third-party vendors by advising on service level agreements, SaaS agreements, data processing agreements, privacy notices and comprehensive due diligence to ensure that our clients’ third-party vendors are in line with our clients’ GDPR and ePrivacy compliance.