CDH's Data Protection Response Team is a multi-disciplinary team of lawyers with specialist knowledge of the Protection of Personal Information Act No. 4 of 2013 ("POPIA") and all related laws. The CDH Data Response Team includes leading lawyers in various fields of law, spearheaded by the TMT Sector team and comprising lawyers with data protection and privacy, employment law, consumer protection and regulatory, forensic and litigation expertise, who provide practical and bespoke advice in relation to all aspects pertaining to data protection compliance, data risk strategy formulation and data breach response. Our TMT Sector team have the expertise and in-depth experience to assist your business to answer some of the following questions with legally sound and practical advice –
- What is the best approach for the appointment of an information officer and deputy information officers for my business and how do I set up the most effective data privacy office?
- How do I protect valuable information assets in my business?
- How do I leverage data to support growth and/or expansion in my business, including by using data analytics and third party data services?
- How do I manage data across my business' digital footprint?
- From an HR perspective, do I understand POPIA compliance holistically across the employment lifecycle – from recruitment all the way to retirement in my business?
- When do I need to obtain consents and when can I rely on another lawful basis for processing personal information?
- How do I manage data flowing in and out of my organisation and how do I manage the 'unseen risks'?
- Am I prepared for a data breach impacting my business?
Our Data Response Team focuses on providing advice that draws on international experience in the information and data protection field. Our team has in-depth knowledge of international privacy laws, notably the GDPR.
We are also familiar with privacy laws especially across various African jurisdictions and other jurisdictions around the world and can advise on cross border processing of personal information. We advise many global, national and pan-African clients on their data protection compliance requirements and more particularly on how to implement and ensure ongoing compliance with data protection laws in a practical and pragmatic manner including as regards how to manage cross-border data transfers and consolidated and/or shared IT systems, how to adapt HR processes and the most effective manner in which to create uniform standards and procedures across our clients' different businesses in multiple jurisdictions.
Our services include, inter alia:
- Advising on assisting businesses to becoming POPIA compliant in a practical, time and cost efficient manner;
- Undertaking privacy impact assessments for data processing activities;
- Offering bespoke training tools and guidance for privacy professionals, information officers and privacy support teams within the business, including effective eLearning products;
- An eLearning product to educate and train employees on data management and compliance;
- A multidisciplinary approach to combatting and responding to data breaches with a dedicated always available Data Breach Response Team in place;
- Drafting data transfer agreements in respect of the cross-border transfer, use and storage of personal information
- Drafting and assisting with the implementation of necessary improvements / changes to the business to remediate areas of non-compliance and develop a coherent framework to support compliance in the future;
- Managing change and ensuring any issues arising from privacy compliance are well understood in advance and navigated effectively to avoid any potential 'blockers'