Public and private sector agencies that handle personal have a lot to manage: privacy law, security requirements, breach prevention, and the readiness to respond when something goes wrong. Day to day, the questions tend to be specific: can we process this, do we need an MOU, is our privacy statement still right, do our contracts protect us, do we understand the information laws that actually apply, are we taking a privacy-centric approach?
In situations like these, an experienced and pragmatic privacy lawyer helps you protect people's privacy, comply with the law, safeguard your reputation and, sometimes, sleep better at night.
01 – CAPABILITIES
How I can help.
Three pillars covering privacy and security from understanding where you stand, through documenting how you operate, to responding when things change or go wrong.
02 – EXPERIENCE
Selected experience.
A handful of representative projects, anonymised as appropriate, many with a technology or digital government dimension.
CASE 01
Privacy maturity assessment - PMAF
Conducted a privacy maturity assessment for a government department – surveying staff, reviewing policies, and producing recommendations to lift IPP compliance.
Role: External counsel, assessment lead
CASE 03
Privacy framework for service design
Provided wide-ranging advice for a framework that assesses the privacy, human rights and ethics implications of proposed services and processes.
Role: External counsel
CASE 02
Policy on data protection and use
Provided substantial privacy law advice and drafting inputs for a government policy on data protection and use, in close consultation with internal team.
Role: External counsel, privacy law advisor
CASE 04
Copilot privacy impact assessment
Undertook a privacy impact assessment on an agency's proposed deployment of Microsoft 365 Copilot - surfacing risks and making recommendations to mitigate them.
Role: PIA lead
ASSESSMENTS, MATURITY, AND ADVICE
POLICIES, PRIVACY STATEMENTS, GUIDES, AND TRAINING
INFORMATION SHARING AND CONTRACTS
OTHER STATUTES AND INTERNATIONAL REGULATION
“
I’ve worked with Richard a few times over the years … . He is outstanding in his understanding of personal information collection, use and sharing. This includes not only a superb grasp of privacy law, but also extends into the forest of overlapping laws and codes that modify or impact on the Privacy Act’s various elements.
DPUP Engagement Lead
SOCIAL WELLBEING AGENCY
03 – TOOLS I BUILT
Tools that speed up the work.
Two decades of privacy work, packaged into tools that handle the repeatable parts, increasing efficiency and enabling focus on the more complex elements.
StopLookGo Privacy
Guidance on the Act, a library of specific legislative authorities, a range of assessment tools, and the ability to build the documents agencies need such as privacy statements, information-sharing MOUs, and data licence agreements.
"Richard’s ... StopLookGo [Privacy] produced a helpful preliminary report for us on some privacy issues we required advice on. It was an effective way for us to understand which areas needed priority, so we could make the best use of our time in the next steps.”
PRIVATE SECTOR CLIENT, AGRICULTURE SECTOR
Privacy automations in Contract Foundry
The Contract Foundry includes builders specifically for privacy statements, privacy clauses, information sharing MOUs, and other privacy-adjacent agreements. Same drafting standards I'd produce manually, generated in a fraction of the time it would otherwise take.
"With the information sharing MOU builder, I was able to build an MOU between a government department and a professional regulatory body rapidly, keeping costs down.”
Have a privacy matter on your mind?
Happy to jump on Teams or Zoom to talk it through. Just a 15-min chat to see if I'm the right fit.