Privacy and data protection

As privacy and cyber security become increasingly important, our cross-practice team of privacy experts works closely with clients to put compliance strategies in place and to keep information secure.

Overview

We understand how important and valuable personal information can be, and the responsibilities that an organisation takes on when it collects and uses that information.  The legal, financial and reputational risks of not meeting those responsibilities can be severe, and the need for organisations to understand and meet their legal obligations has never been greater.

Our privacy team brings together experts from our technology, employment, healthcare, commercial, public law and payments practice areas, meaning we understand how personal information is critical to your sector and what risks there might be in any given circumstance.  We help clients plan for, protect themselves against and respond to cyber attacks and other security incidents.

We advise clients at all stages of the data lifecycle - from carrying out privacy impact assessments before implementing new systems, advising on new methods of data processing and analytics, responding to Official Information Act, LGOIMA and Privacy Act access requests, meeting data retention and Public Records Act requirements, and dealing with privacy breaches, security incidents, complaints and investigations.

We have international data privacy expertise, with backgrounds in EU Data Protection law and regularly advise international clients and law firms on New Zealand privacy law within a global compliance framework.  We have contributed the New Zealand chapters to a number of international data protection guides and publications and work closely with local privacy experts in other jurisdictions. 

Our recent work includes advising on the implications of GDPR for New Zealand businesses, advising clients on privacy, security and data management implications of launching a new virtual healthcare platform, using cloud data services, launching new data-driven business models, conducting social media marketing campaigns, transfers of customer databases following insolvency and business acquisitions, and generating insights and analysis from big data.

In the health sector, we advise Te Whatu Ora - Health New Zealand, the Ministry of Health and private healthcare providers on compliance with the Health Information Privacy Code, implementation of clinical management systems, and handling of patient and clinical information.

Our employment experts advise on privacy issues in relation to recruitment, use of HR information systems, drug and alcohol testing, disciplinary processes, and employee investigations and disputes.

 

 

Webinar: Privacy 2020 for employers – Time to reset

 

Privacy continues to be a hot topic for employers around the country and as the Office of the Privacy Commissioner has said, the new Privacy Act 2020 offers organisations a chance to "reset" and make sure they get things right.  On Tuesday 22 September 2020, our team in Auckland presented a webinar on what employers need to know and do for the upcoming Privacy Act 2020.

Watch webinar

 

 

 

"Buddle Findlay’s multidisciplinary privacy and data protection team houses specialists from the firm’s technology, employment, healthcare, payments, and commercial practices to provide a seamless service to its roster of international clients and law firms on a range of New Zealand privacy matters."

Legal 500 Asia-Pacific

"The firm is willing to go above and beyond to support client needs."

Legal 500 Asia-Pacific

  • Tier 1 - Data Protection - Legal 500 Asia-Pacific

Experience

Sector / Expertise

Work highlights

Advising Sky Television

on all aspects of privacy compliance including drafting its consumer-facing terms and conditions and privacy policies, advising on the development of its android and iOS apps, its online account and content streaming services, call centre procedures, communications to its 800,000+ subscriber base and handling requests for information under the Privacy Act

Advising a number of District Health Boards, the Ministry of Health and other government agencies in the health sector

on compliance with the Health Information Privacy Code, implementation of clinical management systems and handling of patient and clinical information

Assisting a number of clients

on the interrelated privacy, employment and human rights issues arising from COVID-19 testing and vaccination of staff and collection of data in relation to vaccinations and contracting COVID-19, including developing privacy statements and consent forms for staff and others to use

Advising a number of clients

in relation to data and privacy breaches, including system infiltrations, ransomware demands and phishing scams

Providing and coordinating local privacy advice for Apple

in New Zealand and a range of Pacific jurisdictions

Advising a large local authority

on privacy and surveillance issues related to the implementation of public CCTV cameras

More

Our team

Partner | Special Counsel | Senior Consultant | Senior Associate | Senior Solicitor

Allan Yeoman

Partner, Auckland

Allan is a partner in Buddle Findlay's Technology, Media and Telecommunications (TMT) team. He specialises in providing…

  • DDI +64 9 363 1029
  • M +64 21 766 312

Email

Amy Ryburn

Partner, Wellington
Board of Management

Amy specialises in commercial law. She advises on a range of commercial matters but has a particular focus on technology, media and te…

  • DDI +64 4 462 0904
  • M +64 21 242 5889

Email

Hamish Kynaston

Partner, Wellington

Hamish specialises in employment relations, litigation, health law, health and safety, and education…

  • DDI +64 4 462 0439
  • M +64 21 279 2147

Email

Natasha Wilson

Partner, Wellington

Natasha is a member of our public law team in Wellington, and has extensive experience in the health, education, and science and…

  • DDI +64 4 498 7344
  • M +64 21 727 940

Email

Peter Chemis

Partner, Wellington

Peter specialises in employment law, industrial relations and related areas, and leads Buddle Findlay’s national employment team…

  • DDI +64 4 498 7339
  • M +64 27 444 6619

Email

Philip Wood

Partner, Auckland

Philip specialises in providing commercial, IT, telecommunication, media and television/film sector advice including strategic advice…

  • DDI +64 9 357 9385
  • M +64 21 624 356

Email

Sherridan Cook

Partner, Auckland
Board of Management

Sherridan specialises in employment, industrial relations and health and safety as well as litigation and dispute resolution…

  • DDI +64 9 357 1858
  • M +64 27 545 9768

Email

Susie Kilty

Partner, Wellington

Susie specialises in competition, fair trading, overseas investment consents and economic regulation, particularly of infrastructure in…

  • DDI +64 4 498 7356
  • M +64 21 792 134

Email

Related insights

Sort by: Date | Title

Update

Privacy and data protection: what will 2023 bring?

With 2022 now in the rear view mirror, we've been thinking about what lies ahead for privacy and data protection in 2023, and have out…

26 January 2023

Update

Regulation of biometrics in Aotearoa New Zealand: have your say

The Office of the Privacy Commissioner (OPC) published a biometrics position paper in October 2021 stating that it did not need any ad…

1 September 2022

Update

Face off: CCTV and facial recognition in the news

Research undertaken by CHOICE in Australia indicates that major Australian retailers (including Kmart and Bunnings) have been using fa…

28 June 2022

More