Latham.London

Tag Archives: GDPR

UK MRC Clarifies When Health Data Is Anonymised in Research Context

Research participants must identify which data sets constitute personal data to ensure compliance with the GDPR. By Frances Stocks Allen and Mihail Krepchev The UK Medical Research Council (MRC) has published a useful guidance note on the identifiability, anonymisation, and pseudonymisation of personal data in the context of research activities (the Guidance). The Guidance reminds … Continue Reading

UK Government Releases Details of New ‘Online Harms’ Regime for Online Platforms

Update confirms the introduction of an active “duty of care” and a dedicated regulator, as part of a comprehensive new online regulatory regime. By Alain Traill, Rachael Astin, Gail E. Crawford, and Patrick Mitchell Following a wave of commentary from industry, the social sector, and other organisations, on 11 February 2020 the UK government set … Continue Reading

Big-Ticket Fines and Veil-Piercing Cases Raise Portfolio Company Liability Risks for PE Parents

How can private equity firms identify and mitigate inherited liability risk from vulnerable portfolio companies? By Tom Evans, Gail Crawford, Fiona Maclean, David Walker, Katie Peek, Catherine Campbell, and Amy Smyth Ongoing big ticket regulatory fines coupled with high profile corporate veil cases indicate that private equity deal teams must remain alert to the risk of … Continue Reading

Group Liability for Data Protection Failure – A New Threat for Private Equity Firms?

By Gail Crawford, Hayley Pizzey, Mark Sun, and Calum Warren As European data protection regulators prepare to enforce the General Data Protection Regulation (GDPR) from May 2018, private equity firms must act to minimise the risk of becoming financially liable for the data protection failings of portfolio companies. After a recent spate of high-profile data breaches, … Continue Reading

Queen Announces New UK Data Protection Bill

By  Gail Crawford and Danielle van der Merwe Following the commencement of the Brexit negotiations earlier this week, the Queen announced in her speech on Wednesday a new law that will “ensure the United Kingdom retains its world-class regime protecting personal data”. This bill will replace the current Data Protection Act 1998 in the UK. One of … Continue Reading

New EU Data Protection Rules Move the M&A Goalposts

By Gail Crawford After over four years of debate, the General Data Protection Regulation (GDPR) recently came into force, taking effect after a two year transition period, i.e. from 25 May 2018. The GDPR introduces a rigorous and far-reaching privacy framework, which will impact many M&A transactions. The GDPR sets out defined obligations and substantial … Continue Reading
LexBlog