Privacy and data security

In society today, information, technology, and data (including “big data”) are of the utmost importance. Both large companies and private individuals have to deal with data, for example business secrets or personal data. Public authorities and institutions also have to manage large quantities of data and flows of information, including ICT systems for schools, the Electronic Patient Record, and the National Exchange for the smooth exchange of patient data.

Society attaches great importance to ensuring that all this data and these flows of information are only used as intended. Rightly so, of course. In order to ensure this, it is important that there are rules to determine the legal frameworks for protection of that data and that (technical) systems are in place so as to protect it. Thuis Partners supports parties that work with information and data streams.

Advice

Does your organisation provide or process personal data? We will be happy to advise you on the conditions under which personal data may be used. We can also assist you with keeping information or data protected, in order to prevent it from being used unlawfully by third parties. We also advise employers on how and to what extent they are permitted to process employees’ personal data. We advise healthcare institutions on drawing up ICT agreements to protect data or to make it possible to have personal data processed by other parties (“Data Processing Agreements”).

This is a field of law that is developing rapidly. That increases the likelihood that you will be approached by the national regulatory authority or by private individuals who want to know how you process personal data. You then need to act quickly and appropriately in order to provide the necessary information. That way, you can prevent enforcement measures being imposed (for example an order subject to a penalty for non-compliance or even a fine). We can assist you in responding in an appropriate and effective manner. In addition, we advise companies on drawing up Research & Development Agreements and the associated Non-Disclosure Agreements (NDAs) so as to ensure the protection of business secrets. If things go wrong and a data breach occurs, we can respond quickly and assist you in taking the appropriate measures vis-à-vis the authorities and data subjects involved.

Litigation

Litigation may be necessary if the Dutch Data Protection Authority decides to take enforcement action, if data is used unlawfully, or if unlawful publication takes place. We have the necessary litigation experience with disputes in the field of privacy, data processing, and data protection, both in court, before the Dutch Data Protection Authority, and in arbitration cases.

Subjects

Our Privacy and Data Security department covers the following:

• General Data Protection Regulation (GDPR);
• Dutch Data Protection Authority [Autoriteit Persoonsgegevens];
• business secrets (NDAs);
• blockchain technology for the legal sector;
• data, data breaches, big data, and data traffic;
• data protection measures;
• ICT projects;
• intellectual property;
• reporting obligations;
• unlawful publication (including in the press);
• privacy policy, privacy statements, and privacy notices;
• cooperation agreements in the field of data, R&D, and privacy;
• processing of personal data;
• data processing agreements.

Training

Because there are numerous cross-connections with the other fields of law dealt with by our firm, our various newsletters will keep you informed of interesting developments and current news items regarding privacy and data security.

We regularly organise seminars and give in-house courses about current topics in this field, including the General Data Protection Regulation (GDPR) and all the changes that it will involve.

Please contact our Privacy & Data Security department with any questions about these matters.