Dave Hughes

Principal Associate

Practice areas

• Commercial and IT
• Data centers
• Privacy, data protection and cybersecurity

Practice notes

Dave is a solicitor in our Privacy, Information Law and Cyber Security team.

Dave regularly advises Higher Education institutions on all aspects of compliance (including security breaches and individual rights) under the EU General Data Protection Regulation and the Data Protection Act 2018.

Dave also advises the sector on information requests received under the Freedom of Information Act 2000 and Environmental Information Regulations 2004.

Dave’s recent experience includes:

• Designing, implementing and managing privacy audits for GDPR readiness and post-GDPR gap analysis;
• Advising on security incidents and personal data breaches, working with clients to identify, analyse, mitigate and report (where necessary) incidents to the Information Commissioner’s Office, advising on risks, enforcement and notification to affected individuals;
• Preparing compliance documentation to improve internal audit trail (and to improve defensible position for the purposes of the GDPR Principle of Accountability) including fair processing notices, data protection policies, data sharing and processing agreements;
• Preparing and delivering training to clients on privacy, information law and e-marketing.

Dave has also recently worked with Brunel University of London, Falmouth University, Loughborough University and the University of Kent.