We understand how important and valuable personal information can be, and the responsibilities that an organisation takes on when it collects and uses that information. The legal, financial and reputational risks of not meeting those responsibilities can be severe, and the need for organisations to understand and meet their legal obligations has never been greater.
Our privacy team brings together experts from our technology, employment, healthcare, commercial, public law and payments practice areas, meaning we understand how personal information is critical to your sector and what risks there might be in any given circumstance. We help clients plan for, protect themselves against and respond to cyber attacks and other security incidents.
We advise clients at all stages of the data lifecycle - from carrying out privacy impact assessments before implementing new systems, advising on new methods of data processing and analytics, responding to Official Information Act, LGOIMA and Privacy Act access requests, meeting data retention and Public Records Act requirements, and dealing with privacy breaches, security incidents, complaints and investigations.
We have international data privacy expertise, with backgrounds in EU Data Protection law and regularly advise international clients and law firms on New Zealand privacy law within a global compliance framework. We have contributed the New Zealand chapters to a number of international data protection guides and publications and work closely with local privacy experts in other jurisdictions.
Our recent work includes advising on the implications of GDPR for New Zealand businesses, advising clients on privacy, security and data management implications of launching a new virtual healthcare platform, using cloud data services, launching new data-driven business models, conducting social media marketing campaigns, transfers of customer databases following insolvency and business acquisitions, and generating insights and analysis from big data.
In the health sector, we advise a number of District Health Boards, the Ministry of Health and private healthcare providers on compliance with the Health Information Privacy Code, implementation of clinical management systems, and handling of patient and clinical information.
Our employment experts advise on privacy issues in relation to recruitment, use of HR information systems, drug and alcohol testing, disciplinary processes, and employee investigations and disputes.
Webinar: Privacy 2020 for employers – Time to reset
Privacy continues to be a hot topic for employers around the country and as the Office of the Privacy Commissioner has said, the new Privacy Act 2020 offers organisations a chance to "reset" and make sure they get things right. On Tuesday 22 September 2020, our team in Auckland presented a webinar on what employers need to know and do for the upcoming Privacy Act 2020.
Advising SKY Television
on all aspects of privacy complianceincluding drafting its consumer-facing terms and conditions and privacy policies, advising on the development of its android and iOS apps, its online account and content streaming services, call centre procedures, communications to its 800,000+ subscriber base and handling requests for information under the Privacy Act
Advising a number of District Health Boards, the Ministry of Health and other government agencies in the health sector
on compliance with the Health Information Privacy Code, implementation of clinical management systems and handling of patient and clinical information
Providing and coordinating local privacy advice for Apple
in New Zealand and a range of Pacific jurisdictions
Advising a large local authority
on privacy and surveillance issues related to the implementation of public CCTV cameras
Advising Philips New Zealand
on privacy compliance issues arising out of the implementation of a global human resources platform, privacy and security issues, cross-border transfers and employee consents
Advising a significant Crown entity
on its obligations under the Privacy Act following a large-scale privacy breach, including providing seconded legal support, advising on investigation and notification obligations, management of information requests and remedial measures