Data Protection and Information Law

Healthcare:

Thanks to technology, information can be created, copied and disseminated with ease. This has led to exponential growth in the quantity of personal and official information that organisations have a responsibility to manage.

To add to this complexity, healthcare organisations are faced with the twin legal obligations of releasing official information and protecting personal and confidential information. When these two obligations clash, the law can sometimes seem particularly difficult to interpret.

There’s no denying data protection is a difficult area of law to navigate, but our expert team of specialists will focus on the details, and guide you through the process, taking a risk-based approach to your specific case.

The legal landscape can feel overwhelming. If you need help and support to clarify your obligations and protect your data and your organisation, we’re here to help.

Our services

Access to health records
Agreements with suppliers
Camera surveillance
Controller, processor, joint controller assessments
Data protection impact assessments
Data sharing
Disclosures to third parties
Environmental information
Freedom of Information
Information Commissioner’s assessments and investigations
International transfers
Monitoring
Policies, procedures and other compliance documentation
Privacy notices
Processor supply chains
Subject access requests and other individual requests
Third party requests by police or others
Training

Contact a specialist

Judy Baker

Partner | IP/IT

+44 (0) 330 137 3439

+44 (0) 784 351 5807

Email Judy Baker

Read bio

Phil Tompkins

Partner | Commercial

+44 (0) 330 137 3415

+44 (0)7980 769 630

Email Phil Tompkins

Read bio

View all contacts

What people say

Tim Toomey- Tim is always very commercially attuned and deals with matters quickly and cost effectively

Legal 500, client quote
Good value service and added extras including bespoke training provided. They offer particularly good value and keep costs proportionate to claim value.

Legal 500, client quote
I mainly work with Judy Baker who has excellent in depth knowledge of data protection law and is also extremely organised and methodical in her approach to responding to queries and issues. Her advice is always very thorough and well thought through whilst also being easy to understand.

Legal 500, client quote
Judy Baker is extremely professional yet approachable, quick to respond to queries and always provides clear, thorough advice.

Legal 500
Indepth knowledge of all legal issues, in particular with regards to data protection and GDPR makes them unique.
The team are highly professional with excellent knowledge of the NHS and in particular the Ambulance Service. They are very reliable and promptly respond to clients requests. Ward Hadaway are an exceptionally client-focused firm who truly work in partnership with Trust. Overall we have an extremely good working relationship providing high quality and value for money.

Alan Gallagher, Head of Risk and Regulatory Services, North East Ambulance Service NHS Foundation Trust
We have a real sense of a fresh approach from Ward Hadaway in terms of client engagement which is providing the Trust with added value benefits in terms of both cost and quality of service.

Paul Dowell MCIPS, Deputy Head of Procurement & Supplies, University Hospitals of Morecambe Bay NHS Foundation Trust
High quality advice to suppliers and customers in the private and public sectors. Also noted for expertise in data privacy law and its commercial implications.

Chambers & Partners
IT law specialist Judy Baker of Ward Hadaway 'is very responsive and extremely hard-working, and really puts herself out to help with a quick turnaround,' reports one client. Another interviewee says she is 'very up to date and proactive'.

What we're thinking

30.01.2024,

Updates

Artificial intelligence in your business: Data protection

How do you ensure that any artificial intelligence you are using, or developing throughout your business has data protection 'baked-in'?
15.11.2023,

Updates

VIDEO: Data protection: crossing borders – data transfers

In this video we look at the transfer of data out of the UK and EEA, particularly look at the changes coming in 2024
12.09.2023,

Video and Podcasts

Video: Data protection in marketing

A recording of the fourth session in our data protection webinar series discussing marketing and data protection.
19.05.2023,

Video and Podcasts

Video: Data protection – Data Subject Access Requests (DSARs)

This video is a recording of the second session in our Data protection webinar series for in-house lawyers, DPOs and senior management in private and public sector organisations.
10.11.2021,

News

Lloyd v Google LLC

Supreme Court shuts down opt-out representative actions for data breach claims.
28.09.2021,

Video and Podcasts

Video: Data protection and marketing – treading the fine line

Ensuring marketing communications comply with data protection regulations is a minefield.
2.07.2021,

Updates

UK data protection deemed ‘adequate’ by the EU

On 28 June 2021, the European Commission adopted an adequacy decision in respect of the UK's data protection framework under the GDPR.
14.01.2021,

Updates

Standard Contractual Clauses for personal data imports and exports to and from the UK: an update

Following the expiry of the transition period on 31 December 2020, the UK's rules on transferring personal data outside the UK have changed.
7.01.2021,

Updates

Personal data flows from the EU: an update

As part of the UK's Trade and Cooperation Agreement with the EU, the UK and EU have agreed that personal data flows from the EU to the UK can continue, for a specified period (likely to be 6 months), as they had prior to the end of the transition period.

All data protection and information law insights

Data Protection and Information Law

Specialists in the healthcare sector

Contact a specialist

What people say

What we're thinking

Stay up to date with all the latest news and insights