Our expert cyber, privacy and data protection team works closely with organisations across a wide range of sectors. We help clients to:
We work seamlessly with international advisors on global privacy and regulatory reviews and on cyber and data breach incidents involving and affecting clients across multiple jurisdictions.
Our clients include leading Australian and multi-national organisations operating in highly regulated sectors such as technology, telecommunications, healthcare, financial services, energy & resources, transport and defence.
Our multi-disciplinary team includes experts in information security, digital forensics, privacy, regulatory compliance, disputes, employment and corporate governance. We have extensive experience in privacy compliance and audits, artificial intelligence, critical infrastructure, data due diligence, electronic surveillance, digital health, data commercialisation and data governance.
Members of our team are recognised for their pragmatic, commercial advice and market-leading insights.
Preparatory advice and risk management
Incident Response
Post Incident Support
Australian healthcare services group
Comprehensive audit of the group's data handling practices and compliance with the Privacy Act and Spam Act, followed by support with uplifts to the group's data governance frameworks including privacy policy and collection notices, data breach and cyber incident response plans and a Spam Act compliance guide. We provide ongoing on-call support in relation to privacy, e-marketing and cyber matters.
Australian financial services group
End-to-end review and uplift of its privacy policies and procedures framework, following advice on privacy compliance risks across the group, advice on obligations in relation to document retention and the destruction/de-identification of redundant personal information and a summary of relevant regulatory guidance and decisions.
Major telecommunications group
Content and hardware collaboration with a media group, including contract negotiations and advice on a range of complex competition, privacy, Spam Act and e-marketing issues arising from the deal.
Global IT provider
Software malfunction and resulting data breach incident, including assisting with data breach assessment and notification obligations, engagement with impacted customers and responses to inquiries from the Australian data protection regulator, the Office of the Australian Information Commissioner (OAIC).
Global cold storage and logistics provider
Advice on the scope and practical implications of its cyber security, data protection and reporting obligations as responsible entity for critical infrastructure assets under the Security of Critical Infrastructure Act 2018 (Cth) (SOCI Act).
Various international and ASX-listed companies
Providing support in relation to significant data breach matters, including ransomware, nation-state and insider attacks. Supporting with incident response, communications, law enforcement engagement, regulatory compliance and engagement, data review, board advisory and managing third-party claims.