Layer 1
Privacy Impact Assessments (PIA)
$25,300

Privacy Impact Assessments

Identify and manage privacy risks before they happen

What is a Privacy Impact Assessment


Privacy is often confused with confidentiality or secrecy. However, privacy considerations are much broader than just ensuring information is not disclosed without authority. Privacy impacts can occur any time ‘Personal Information’ is collected, stored, processed, or disclosed. (Personal Information means any information about an identified individual, or an individual who is reasonably identifiable.)

The Australian Privacy Principles (APP) apply across the life cycle of Personal Information as it is collected by an organisation, held, processed, and eventually disposed of. Each point in the information life cycle can pose challenges and risks. Privacy risks can arise at any point in the life cycle of the Personal Information and can result from internal or external sources. Our privacy services are designed to pragmatically bolster your ability to prevent, and respond to, privacy risks and legal obligations effectively and efficiently.

A PIA report should describe and de-mystify the initiative, identify and analyse the privacy implications, and make clear recommendations, in plain English, for minimising privacy risks while maximising data utility ensuring your business objectives are met. We report conformity to the APPs on a three point scale outlined below:



Privacy risk management activities are conform to APPs and applicable privacy laws.



Activities are partially compliant to APPs or applicable privacy laws with some non-conformity identified.


Activities are wholly or materially not compliant with the APPs or applicable laws.

A Privacy Impact Assessment can also be scoped to include exposure and impacts arising under foreign privacy regimes such as the EU General Data Protection Regulation (GDPR) and to cover international data transfer risks through a Transfer Impact Assessment (TIA).

The engagement workflow will follow a defined process outlined below:


Transparent and Flexible Pricing

Pricing starting from

Description
Item
Quantity
Price

Privacy Impact Assessments Starting from

$3,500

Fractional Privacy Officer Plans

Billing frequency

Foundations Package

$1,700 / month
1Privacy Package - Foundations (SME)
  • Privacy Policy updates/drafting and 1 round of editing by a privacy lawyer
  • Data Breach Response Plan template, guidance, and 1x review
  • Collection Notices and Consent Forms
  • General ad-hoc privacy enquiries (up to 4 hours per month)


Advanced Package

$4,500 / month
1Privacy Package - Mature (SME)
  • Everything in Established plus:
    • Model Data Processing Agreement (DTA): Controller - Processor
    • Business Continuity Plan template, 1 hr workshop, and 1 round of review and edits of your completed BCP
    • Privacy Impact Assessment covering 1 major system with 1 round of editing, conducted by a privacy lawyer
    • 4 additional hours per month for general ad-hoc privacy enquiries (total = 12 hours per month)


Privacy Helpdesk - Ad-hoc hours

Privacy Helpdesk
4 hours

$1,800
1Privacy Helpdesk (3 hrs / 6 mth)
  • Access to senior privacy lawyer
  • 4 hours of informal privacy advice
    • review of draft privacy documents
    • ad-hoc privacy advice
  • Hours valid to use for 12 months from date of purchase

Privacy Helpdesk hours are not usable for data breach response services or work relating to large projects or complex issues (typically requiring more than 4 hrs effort on a single enquiry or relating to: complex international or multi-jurisdictional privacy law, machine learning, facial recognition, artificial intelligence, data breach response, insurance claims, or disputes & litigations)

Privacy Helpdesk
8 hours

$3,500
1Privacy Helpdesk (6 hrs / 6 mth)
  • Access to senior privacy lawyer
  • 8 hours of informal privacy advice
    • review of draft privacy documents
    • ad-hoc privacy advice
  • Hours valid to use for 12 months from date of purchase


Privacy Helpdesk
12 hours

$5,000
1Privacy Helpdesk (12 hrs / 6 mth)
  • Access to senior privacy lawyer
  • 12 hours of informal privacy advice
    • review of draft privacy documents
    • ad-hoc privacy advice
  • Hours valid to use for 12 months from date of purchase

Get a no obligation consultation

At Albrecht Burrows, we understand the complexity and urgency of cyber and privacy risks facing businesses today. Get a no obligation consultation with our experts to better understand how your business can increase your resilience to cyber and privacy threats and regulatory risks. Our team of experienced multidisciplinary professionals will work closely with you to create personalised risk management solutions tailored to your business' unique needs needs and budget. Don't wait until it's too late – schedule your no-obligation consultation today and take proactive steps towards protecting your business from cyber threats and privacy breaches.


Case Studies

1. Financial Institution Compliance: Our hybrid computer science – legal team members helped the client successfully map their current cyber maturity level and legal obligations, establish a maturity uplift roadmap in coordination with their IT provider, and worked with their insurance broker to complete accurate proposal form responses resulting in the successfully obtaining cyber insurance coverage for an affordable premium. 2. SaaS Company AI & Facial Recognition Compliance: We helped an Australian SaaS web app maker successfully navigate the complexities of international data protection laws as they apply to biometric information in retail virtual try-on technology minimising their overall privacy and data protection risks and helping the company implement a sound multinational expansion strategy aligned to the client's risk tolerance. 3. Transport Logistics Incident Response: Working with a prominent logistics company, we provided timely and compassionate advice and assistance in responding to a devastating ransomware attack from day 1 through to full recovery and post-recovery risk mitigation successfully returning the client to normal operations in less than one week with no regulatory actions or adverse media.

Meet Our Team

James A. Cole

Partner | Head of Cyber & Privacy

James is a lawyer, computer scientist, and criminologist practicing in cyber and technology, data protection and privacy, data breach response, and cyber insurance. With over 25 years of experience in information security and a multidisciplinary background, James combines technical and legal expertise to help clients navigate the complex and evolving cyber and privacy landscape.

James has handled hundreds of cyber and privacy breaches and is passionate about helping businesses build resilience to cyber and privacy risks.

Mark Anderson

Legal Consultant, Lawyer (NZ)

Mark is a highly awarded legal risk adviser and barrister. He is a leading expert in a variety of legal risk areas, including cyber, privacy and technology law.

Mark has provided incident response advice globally to clients in need, including those in Europe, Australia, New Zealand and across APAC, after developing global incident response panels drawing together legal, IT, Forensic and PR professions to manage cyber crises. He has managed some of the highest profile cyber breaches in Australasia.


Testimonials

What sets AB apart is their flexible and pragmatic approach - they share our values, our DNA, and they think outside the box. The team are highly skilled commercial lawyers who possess unparalleled expertise in regulatory areas, a deep understanding of business, and exceptional negotiation skills."

Regan Carey
Head of Legal and Compliance
Craigs Investment Partners

AB offers exceptional legal advice delivered by highly skilled and brilliant lawyers who are fantastic to deal with; personable, easy to talk to and compassionate. The commerciality of their advice is matched only by their commitment to simplifying the law and finding practical, creative solutions!

Tas Demos
Managing Partner
BDH Leaders


Data breach emergencies

If you have experienced a data breach, whether unintential employee errors, employee data theft, or you’ve been the victim of a cyber-attack, the first 48 hours is crucial. So don’t waste any time, just get in touch.

Reach out, day or night.

If you don’t reach us straight away, we will get in touch ASAP!

Email us on [email protected]

Breach emergency Line: 02 8318 5980

woman holding silver iPhone 6



Assessment Solutions

Policy and Process

Complaints

Breach Prevention and Response

Awareness and Culture


Terms and Conditions

We are required by the Legal Profession Uniform Law (NSW) (Uniform Law) to set out the following terms of our engagement for your acceptance or further negotiation.

In these Terms, references to Albrecht Burrows, "we", "us", "our" refer to Alliance Legal Pty Ltd (ABN ) trading as Albrecht Burrows of Level 12, 111 Elizabeth Street, Sydney NSW 2000.

This document, together with our General Terms of Business, sets out the terms of our offer to provide legal services to you and constitutes our costs agreement and disclosure pursuant to the Uniform Law. The Terms and the Accepted Options in this Proposal form the entire agreement between You and Us during our engagement and any references to the "Proposal" in this document refers to both the Terms and the Accepted Option.

By accepting this Proposal as set out herein and below in the Terms, you agree that this Proposal serves as a binding Costs Agreement and Disclosure under Schedule 1 of the Legal Profession Uniform Law (NSW) between Albrecht Burrows and You for the provision of legal services and may be enforced in the same way as any other contract.


Smart Commercial Lawyers


Delivering emotionally intelligent legal solutions

ablaw.com.au | [email protected]

Reception 02 8014 2511