As business moves into the digital age, so has the European Union’s focus shifted onto a digital single market. The EU’s long-awaited data protection reform package applies from 25 May 2018. It is comprised of both the General Data Protection Regulation (GDPR) and a Directive dealing with data processing for law enforcement purposes (DP police directive), and represents a complete overhaul of EU data protection law.
In an era of behavioural advertising, cloud computing, location monitoring and ever-increasing risk from cyber-threats, businesses and public authorities face new challenges in achieving compliance with a rapidly evolving area of the law. Examples of what lies over the horizon are the implementation of Network Information Security Directive (NISD or the Cybersecurity Directive) and ePrivacy Regulation, which will replace the ePrivacy Directive.
At ISOLAS LLP, our team of experts takes a holistic approach to assisting our clients in implementing strategies to face such challenges. We advise a wide range of businesses including financial institutions, retailers, insurers, information service providers, technology start-ups, and government on mitigating business and legal risks associated with the aggregation, use, dissemination, transfer and storage of information.
The breadth of ISOLAS’s expertise in this area spans across the wide range of data protection issues. Our dedicated team can assist on matters such as:
- GDPR readiness audits and data mapping
- Direct marketing
- Drafting privacy statements and data protection policies
- International data transfers
- Data protection provisions in contracts and on general terms and conditions/terms of business
- Monitoring of employees through new technologies (including video surveillance and the recording of telephone calls)
- Personnel and payroll administration
- Processing of special categories of data (i.e. “sensitive data”) and processing by automated means
- Data breaches and notification requirements
- Data protection impact assessments (DPIAs)
When providing such advice, our focus is on adding value to your business, making it resilient to the risks associated with data management and breaches of information privacy, as well as minimising the costs associated with compliance (and helping you avoid the penalties associated with non-compliance). Our experts will team up with the Board, in-house Counsel, Chief Technology Officers, Information Officers and Data Protection Officers to create cyber-incident / data breach response plans, carry out internal audits and providing general assistance in navigating the complex regulatory landscape.
We take a proactive approach to keeping our clients abreast of latest developments through in-house presentations, seminars, newsletters and/or other publications.