Data Protection and Risk Management
Navigating legislation that governs the use of data, can seem like a minefield. At MHP we help smooth the way forward, working with clients and companies to ensure compliance with data protection law – including the changes under the General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018. We also advise public bodies on their obligations under the Freedom of Information Acts 1997-2003.
We advise on the scope of data access requests, as well as on Freedom of Information requests and exemptions. This can include consideration of confidential and commercially sensitive information, and drafting and advising on data processing agreements. We will also assist with amendments required to existing agreements under the GDPR.
We can assist on all matters pertaining to:
- Transfer of data outside the EEA (including model contractual clauses).
- Advice on direct marketing and obligations under the EC Privacy and Electronic Communications Regulations 2011.
- Practical implementation of data protection in the workplace, including CCTV recording, employee records, handling interview application forms and disciplinary records.
- Data retention and deletion policies.
- Drafting of privacy policies.
- Dealing with data breaches and unauthorised disclosures.
- Dealing with investigations, Information Notices and Enforcement Notices issued by the Office of the Data Protection Commissioner.
- Advising Data Protection Officers.