Data Protection / GDPR
ByrneWallace is the first large Irish law firm certified with ISO 27001, giving us a unique understanding of the challenges organisations face in relation to data security, cybercrime and the onerous task of ensuring compliance with the General Data Protection Regulation (“GDPR”).
We are commercially focused and understand the potentially serious impact a data security breach can have on a business, including adverse publicity.
We also understand the importance of ensuring that the appropriate contracts, policies, procedures and control mechanisms are in place to mitigate such threats and safeguard personal data in compliance with the regulatory standards.
We have a dedicated team of lawyers who practice in different areas of the law and who apply their specialist expertise in advising clients on the practical requirements of the GDPR. We also provide training to clients both at operational and board level.
Our clients include IT companies, banks and financial institutions, public bodies including the health authorities, healthcare providers, and private and public organisations in a variety of sectors, that handle large volumes of personal data.
We advise our clients in the immediate aftermath of personal data breaches, providing practical guidance on mitigating steps, reporting requirements, and completing document reviews. We advise in relation to responding to Subject Access Requests, including large scale document management and review projects, providing advice regarding applicable exemptions and redactions, and communicating with the Data Protection Commissioner (“DPC”) on behalf of clients. We also advise clients on transparency requirements including drafting privacy and cookie policies, and we provide support, assistance and a forum for discussion to our clients’ Data Protection Officers.
We are skilled in all areas of data protection including:
• Cloud based commercial contracts
• Data breaches
• Data privacy (incl. privacy/cookies policies)
• Data Privacy Impact Assessments
• Data Protection audits/internal investigations
• Data Protection gap analysis
• Drafting data processing agreements and data sharing agreements
• Drafting policies and guidance documents
• GDPR compliance matters
• Engagement with the DPC
• Investigations and enforcement proceedings by the DPC
• International data transfers
• Law Enforcement Directive
• Specialist Data Protection advice for employers
• Specialised GDPR related training
• Subject access requests