Personal Data

The BGP Litigation Technology Practice team supports businesses on projects involving protection and use of personal data, information and cyber security. We help companies observe the complex regulatory requirements on collection, storage and processing of personal data in both Russia and other jurisdictions. Our lawyers’ profound knowledge of the problems faced by businesses in this sector enables us to organise risk management competently. In turn, this allows companies to avoid fines and reputational damage from breaching the legislation on personal data security and the cyber security rules.

Analysis of the client’s operating systems and the risk cancellation solutions offered on its basis permit us to build a compliant system for working with personal data even in the most sensitive sectors, such as medicine and pharmaceuticals. We also advise clients in crises and help them eliminate the consequences of shortcomings in personal data processing and company security systems, as well as when the company’s interests need to be defended in court.

The Technology Practice lawyers take part in creating legal regulation of research unique in Russia within the scope of federal programmes presupposing processing of large quantities of personal data, work on the legal aspects of aggregate operations, service companies, digital health projects of digital ecosystems, and help organise risk-free and legally appropriate interaction with consumers, including by ensuring reliable protection of users’ sensitive data.

We can help through:

  • Observance of the legislation on personal data security
  • Assessment of procedures for collecting, storing and transferring personal data and development of the requisite compliant processes and policies
  • Specifics of collection, processing and storing personal data on the Internet
  • Personal data security and risk management
  • Observance of the requirements on personal data localisation
  • Organisation of work with Big Data in sensitive sectors (such as medicine) and the public sector
  • Interaction with regulatory bodies, including Roscomnadzor, Ministry for Digital Development, etc.
  • Combatting of personal data leaks and minimisation of administrative and criminal law risks
  • Combatting of cyber-attacks
  • Settlement of disputes over breach of the personal data security legislation
  • Assistance in establishing special legal frameworks for implementing large-scale projects in the spheres of technologies associated with processing masses of data