Data Privacy
Helping You Navigate Complex Data Rules
If you hold details on employees, customers or suppliers you are likely to hold personal data, and must ensure you collect, control, process, store and delete such personal data in accordance with legal requirements.
Streamlining Data Privacy Processes – Bespoke Data Privacy Support
At LS Law we devise streamlined processes and policies to ensure personal data is handled compliantly, whether that’s drafting a privacy policy, a form of consent, or advice on how to handle personal data.
Global Data Privacy Legal Support
We have extensive experience with privacy and data protection, including the General Data Protection Regulations (GDPR), and other legislative regimes concerning data privacy across the globe, including the EU-US Data Privacy Shield.
Interactions with individuals are central to the activities of the life science industry, and so ensuring the company has appropriate safeguards in place, data privacy policies, and the correct contractual clauses are used, and ensuring you have a lawful basis to process personal data is critical.
Data Privacy Parameters
We support our clients on a variety of topics including:
- Promotional and Non-Promotional Events & Activities
- Clinical Trials
- Big Data Analysis
- Healthcare Research
- International Third Party Data Transfers
- Whistleblowing Schemes
- Data Subject Access Requests
- Data Privacy Impact Assessments
Data Privacy Safeguards
We help our clients to understand the applicable legal framework, and the measures which need to be taken to ensure compliance with data privacy regulations including:
- Ascertaining Data Controller -v- Data Processor Status
- Data Processing Agreements
- Joint Controller Arrangements
- Data Transfer Agreements
- Setting Up Data Processing Registers
- Drafting Data Privacy Policies
- Carrying out Data Privacy Audits
- Data Retention Policies and Procedures
Data Privacy Officer (DPO)
In a number of jurisdictions, it is a requirement to engage an independent data privacy officer; a support function we can provide, through our Data Privacy Officer Subscription Service.
The advantages of engaging an external data privacy officer are clear to see.
Pros and Cons of Internal vs External Data Privacy Officers (DPOs)
When considering the appointment of a Data Privacy Officer (DPO), organisations face the decision of choosing between an internal or external DPO. Each option has its unique advantages and disadvantages, impacting factors such as cost, expertise, and operational efficiency. Below, we outline the key pros and cons to help you make an informed decision.
Pros:
- Knows the business very well
- On-site presence
- Opportunity for internal promotions
- Chance for growth within the company
Cons:
- Termination can be complicated
- Potential conflicts of interest
- Workload issues if the DPO has another “day job”
- Additional cost if a new headcount is required
- Cost of training and potential lack of expertise
- External DPO
Pros:
- Senior privacy experts with specialised knowledge
- Termination is straightforward
- Reduced cost compared to hiring internally
- Team support available
- Specialist support provided
- Reduced risk of conflicts of interest
Cons:
- Not available on-site 24/7
- Separate cost for the service
Discuss your data privacy challenges with one of our experts
We are ready to discuss your challenges and would be delighted to help you identify an optimal solution, and a practical course of action to get you there.