Boutique Law Firm Sydney

Commercial Lawyer Sydney

Privacy & Cybersecurity

legal advice on privacy compliance, data protection and cybersecurity risk.

We advise businesses on compliance with Australian privacy laws and data protection obligations. Privacy laws are becoming more stringent, and non-compliance can have severe consequences. We help you stay compliant and manage these emerging risks. Our services include:

  • Comprehensive advice on State and Federal privacy laws, including health information, corporate, and consumer laws.

  • Governance and risk management advice.

  • Legal due diligence on cyber and data issues, including intellectual property, confidential information, third-party contracts, and more.

  • Preparation of privacy policies in compliance with Australian privacy laws and GDPR.

  • Legal advice on responding to requests for health records or information.

Highly recommend, Kinny Legal were very helpful with
assisting us with reviewing our Privacy Policy
— Mary Marchesan, Elevate Health Australia
ask how we can help
Featured
OAIC Launches Privacy Compliance Sweep
OAIC Launches Privacy Compliance Sweep

The OAIC is conducting its first-ever privacy compliance sweep and businesses in breach may face penalties of up to $66,000.  Find out what you need to know and what your business should do to stay compliant.

Tough New Laws Covering Serious Invasions of Privacy Are About to Begin – What Do You Need to Know?
Tough New Laws Covering Serious Invasions of Privacy Are About to Begin – What Do You Need to Know?

Recent changes strengthening privacy protections reflect the growing importance of privacy protection in Australia and the increasing consequences for non-compliance. Find out what you need to know.

Medibank to Face Court Over Data Breach: Lessons for All
Medibank to Face Court Over Data Breach: Lessons for All

The OAIC is taking Medibank to court over its major data breach in October 2022. In this blog, we examine some of the privacy basics your health organisation should consider.

Does your industry lead the pack for notifiable data breaches?
Does your industry lead the pack for notifiable data breaches?

Health service providers continue to be the highest reporters of notifiable data breaches, with health service providers being responsible for 22% of reports to the AOIC from July to December of 2023.

How To Not Be a Spammer
How To Not Be a Spammer

Electronic communications are a key communication method for most organisations. It's important to know whether the Spam Act 2003 (Cth) (Act) applies to each communication and, if it does, make sure the communication doesn’t amount to a breach of that Act. Otherwise, your organisation might face significant fines and other consequences. This article explains what kinds of communications are regulated by the Act and what your organisations needs to do to not be a spammer.

Surveillance in the Workplace
Surveillance in the Workplace

The use of surveillance devices by employers can be an important and effective way to manage workplace risks. However, there are strict laws regulating the use of surveillance devices in the workplace and employers can incur significant penalties for non-compliance.

What is Beacon Technology?
What is Beacon Technology?

Beacon technology provides a creative and effective way of sending targeted marketing messages to consumers. However, there are many laws in Australia regulating how beacons can be used and breaching these laws can have significant consequences.

Top 4 Reasons Why Your Business Needs a Privacy Policy - At Any Size!
Top 4 Reasons Why Your Business Needs a Privacy Policy - At Any Size!

Most organisations capture personal information about their customers as part of their everyday operations. But do they all need a privacy policy? The short answer is that only some businesses are legally required to have a privacy policy, but many others choose to have one anyway because there are many potential benefits in having one – including more sales!

Guide: What You Need To Know About Using CCTV Devices In Aged Care
Guide: What You Need To Know About Using CCTV Devices In Aged Care

While there are a number of potential benefits to using CCTV devices in nursing homes, there are also a number of potential risks – especially if CCTV devices are installed before an aged care provider is in a position to comply with all the extra obligations they are taking on. Click here to download our guide to using CCTV devices in aged care facilities.

CCTV: Whose Choice Is It? The Legal and Ethical Issues
CCTV: Whose Choice Is It? The Legal and Ethical Issues

CCTV in aged care facilities - who has what choices, and how does an aged care provider overcome all the legal and ethical issues that come with it?

(Cyber)Crime And Punishment: A Snapshot Of The New Mandatory Notifiable Data Breaches Scheme
(Cyber)Crime And Punishment: A Snapshot Of The New Mandatory Notifiable Data Breaches Scheme

From 22 February 2018, any entity subject to the Privacy Act 1988 (Cth) and Australian Privacy Principles must report any instance of ‘eligible data breach’ to the Office of the Australian Information Commissioner and any individuals who may be potentially affected by that breach.

Click here to find out everything you need to know about the new scheme, and what you can do to manage the risk of data breaches, in less than 5 minutes.

T: 02 9199 4563   |   A: Level 21, 133 Castlereagh Street Sydney NSW 2000  |   E: info@kinnylegal.com