Caroline has extensive experience in commercial and information technology matters. Her particular specialism is UK and crossjurisdictional data protection and privacy law and UK freedom of information law. She regularly advises global clients on international transfers of data, and UK clients on complex and sensitive data protection and freedom of information issues. She also advises on major IT procurement and outsourcing projects.
Caroline lectures on domestic and cross-jurisdictional data protection issues, and was named a notable practitioner in data protection law in Chambers UK.
Advising a US based implementer of global HR databases utilising a cloud-based solution on the different forms of agreement required to satisfy EU compliance requirements, depending on the Safe Harbour status of its clients, and the capacity in which data is received from Europe, and on achieving Safe Harbour status as a pure processor and negotiating the relevant terms of individual agreements, with their clients.
Providing data protection training to clients in a variety of sectors, including IT, retail, leisure, customer services and financial services.
Advising businesses on all aspects of acquiring and lawfully using customer data, including usage in connection with advertising and marketing, both on and off line.
Advising a major US group with worldwide subsidiaries on a number of major international projects involving the transfer of personal data outside the EEA from 17 European jurisdictions. Projects have included outsourced IT projects, employment appraisal procedures, personnel administration, provision of international emergency assistance and insurance related matters. Caroline dealt with UK compliance and project-managed compliance across all affected jurisdictions, working both with data protection experts in our continental European offices and with independent lawyers in other countries. She also provided briefings, core summaries of requirements and training to key senior US and UK personnel.
Advising a leading global medical products company on compliance with European data protection law in its rollout of a global HR database, involving transfers of data to entities from a significant number of European countries outside the EEA both within the client group and to third party service providers.
Advising a number of major organisations in fields as varied as medical products, pensions and IT service providers on addressing data security breach issues, in some cases at UK level only, but in others involving the law of multiple jurisdictions.
Advising a number of global companies with US parents on the strategic advantages and disadvantages of Safe Harbour certification and use of the EC approved Model Clauses.
Articles in the National Law Review database by Caroline Egan