Claire is a senior associate with extensive in-house commercial experience within the social care sector. Claire acts for a wide range of clients, from individuals and small businesses to larger, multi-national organisations. She has a particular focus on data privacy, contract management and strategic planning for businesses and commercial arrangements such as supply goods and services, agency and distribution agreements and service contracts for both private and public sectors.
Claire’s key area of expertise is data privacy. She provides high level and detailed advice to all organisations on their obligations under the GDPR, the Data Protection Act 2018, and related privacy legislation such as the Privacy and Electronic Communications Regulations, and assists in data protection issues that arise on a daily basis. Claire is experienced in providing data breach management support and has successfully liaised with the ICO on behalf of a number of clients.
Claire is also well versed in risk management; she created and managed a team in-house in order to identify and mitigate risk and has worked closely with DPOs within a variety of sectors to assist them with their compliance programmes.
Claire adopts a calm and practical approach, delivering solution-based legal advice to all clients.
- Liaising with the ICO following a client’s serious breach of special category data, successfully avoiding financial penalties and other potential adverse action by the ICO. The breach involved the loss of a paper file in a public place which contained the full social care and medical records of a vulnerable individual.
- Implementing a data privacy compliance programme for a multi-national organisation which processed high volumes of special category data. Our work included an initial audit, policies and procedures, fair processing notices, data sharing agreements, marketing consents, sub-processor contracts and transfers to third countries.
- The creation of an industry specific network of organisations to include webinar and multiple detailed face to face training workshops on aspects of data protection such as consent for marketing and the use of photographs, lawful processing of children’s data and special category data, individuals rights, data mapping, DPIA and audits, breach management, sub-processor contracts, transfers to third countries and accountability obligations.
- Carrying out a full GDPR audit and subsequent compliance programme for an international manufacturer / retailer group, across multiple jurisdictions including policies, procedures, all applicable data protection notices, data sharing agreements (both internal and external), sub-processor contracts, cross-border transfers, advice on DPIAs and accountability requirements.
- Supporting clients in respect of subject access requests involving the review and collation of information, identifying and applying exemptions and liaising with the data subject’s advisors.
- Supporting clients during ICO investigations arising as a result of breaches of personal data or access request disclosures.
Claire qualified in 2009. She worked in house for a multi-national social care service provider for several years, before joining Wright Hassall in 2017.
Claire enjoys spending time with her family and friends and combining that with walking her dogs whenever possible.