Boutique Law Firm Sydney

Commercial Lawyer Sydney

Schedule Appointment

privacy laws are increasingly comprehensive. Cyber risks are everywhere and cannot be adequately addressed by technology alone.  Data is becoming increasingly valuable and subject to increasingly sophisticated threats.  businesses must comply with increasing privacy and data-protection obligations.  We can partner with your company and external advisers to provide a comprehensive privacy and cybersecurity strategy.

Why choose us?

1.    We give comprehensive advice.  Don't get caught out by incomplete advice.  We consider not only the national privacy laws that apply to your proposed business activities but also the lesser known privacy compliance issues arising under the Corporations Act 2001 (Cth), ASX Listing Rules, APRA's prudential standards, Competition and Consumer Act 2010 (Cth) and industry-specific legislation applying to the aged care, retirement and health care industries.

2.    We can help you go global.  Our expertise extends to Australian as well as EU privacy laws.

3.   We can help reduce recurrence.   We can promptly respond to cybersecurity and privacy breaches when they occur.  But, we also know that prevention is better than a cure.  Our extensive training, data management and risk mitigation services will help protect your business from future privacy breaches.

Our legal services include:

  • Governance and risk management advice

  • Legal due diligence on cyber and data issues - including intellectual property, confidential information, customer lists and other assets, third party contracts, compliance, insurance, employees and corporate governance

  • Australian Privacy Law-compliant privacy documents

  • Australian Privacy Law compliance advice

  • GDPR-compliant privacy documents

  • GDPR compliance advice

  • Staff and management training

  • Assistance with the legal aspects of cybersecurity breaches and data management - including the NIST framework, data breach response plans, business continuity and disaster recovery plans and compliance with mandatory data breach notification obligations