Anna has experience of advising on information law with a focus on data protection in both contentious and non-contentious forums. She has experience of liaising directly with the Information Commissioner's Office on behalf of clients and she often delivers training sessions to Boards and Senior Management Teams on data protection compliance.
Anna has considerable experience in drafting policies and procedures to include the audit of policies and procedures in place together with recommendations. Her recent experience includes:
• Advising multiple clients following personal data breaches including hacking and ransomware attacks including the instruction of forensic experts and managing regulatory investigations and data subject complaints and claims. The advice has included consideration and preparation of regulatory notifications to the relevant bodies (e.g. ICO, FCA, SRA, ICAEW), and project managing the investigation to conclusion.
• Acting on behalf of a Utilities company in assisting with their GDPR implementation programme including providing training for staff, reviewing draft policies and procedures, assisting with lawful basis for processing queries and the preparation of retention schedules.
• Acting on behalf of an Insurance broker preparing an audit toolkit questionnaire to ascertain the clients' readiness for GDPR. Including attendance at their offices to complete the audit and assessing via a gap analysis what further work needed to be done to achieve compliance with GDPR within a strict timescale.
Craig advises public and private sector organisations across Great Britain and Northern Ireland on all aspects of employment law.
James acts for businesses and insurers in relation to a broad span of commercial disputes and regulatory matters, with particular experience in relation to construction disputes (including litigation, arbitration and adjudication), contract disputes and professional negligence actions.