Privacy and data protection

We understand how important and valuable personal information can be, and the responsibilities that an organisation takes on when it collects and uses that information.  The legal, financial and reputational risks of not meeting those responsibilities can be severe, and the need for organisations to understand and meet their legal obligations has never been greater.

Our privacy team brings together experts from our technology, employment, healthcare, commercial, public law and payments practice areas, meaning we understand how personal information is critical to your sector and what risks there might be in any given circumstance.  We help clients plan for, protect themselves against and respond to cyber attacks and other security incidents.

We advise clients at all stages of the data lifecycle - from carrying out privacy impact assessments before implementing new systems, advising on new methods of data processing and analytics, responding to Official Information Act, LGOIMA and Privacy Act access requests, meeting data retention and Public Records Act requirements, and dealing with privacy breaches, security incidents, complaints and investigations.

We have international data privacy expertise, with backgrounds in EU Data Protection law and regularly advise international clients and law firms on New Zealand privacy law within a global compliance framework.  We have contributed the New Zealand chapters to a number of international data protection guides and publications and work closely with local privacy experts in other jurisdictions. 

Our recent work includes advising on the implications of GDPR for New Zealand businesses, advising clients on privacy, security and data management implications of launching a new virtual healthcare platform, using cloud data services, launching new data-driven business models, conducting social media marketing campaigns, transfers of customer databases following insolvency and business acquisitions, and generating insights and analysis from big data.

In the health sector, we advise Te Whatu Ora - Health New Zealand, the Ministry of Health and private healthcare providers on compliance with the Health Information Privacy Code, implementation of clinical management systems, and handling of patient and clinical information.

Our employment experts advise on privacy issues in relation to recruitment, use of HR information systems, drug and alcohol testing, disciplinary processes, and employee investigations and disputes.

Webinar: Privacy 2020 for employers – Time to reset

Privacy continues to be a hot topic for employers around the country and as the Office of the Privacy Commissioner has said, the new Privacy Act 2020 offers organisations a chance to "reset" and make sure they get things right.  On Tuesday 22 September 2020, our team in Auckland presented a webinar on what employers need to know and do for the upcoming Privacy Act 2020.

Watch webinar