• Contact us Phone
  • +61 3 9690 7222
  • or   info@informationlegal.com.au

OUR PEOPLE

testiman

Helaine Leggat – Director

Bachelor of Law | MAICD | CISSP | CISM | CIPP/US | CIPP/IT

Helaine's biography

Helaine Leggat a highly trained individual with an exceptional skill set. She is one of a few people in the world to hold a bachelor of law degree together with information security, governance and privacy qualifications from global leaders in these fields.

This skill set, together with extensive experience, has equipped her to make connections between the technical world of information technology, global business and national imperatives. Few professionals have the ability to provide this diversity of consulting services to clients, leveraging the empowering provisions of law and mitigating risk.

An executive director with over 20 years of experience, she is currently involved in providing strategic and practical advice to government entities and global organisations. Her client engagements and professional affiliations include numerous jurisdictions.

Sector Experience: All sectors.

Examples only. Numerous jurisdictions.

Banking (Barclays, Citibank, Virgin Money) - assessment and implementation of requirements relating to IM. Future scenario strategy planning. Online publishing and consumer protection. Audits, privacy and surveillance risk including the impact of DLPand forensic technologies. Application of international law to cyber threats.

Insurance (Zurich, African Life) – establishment of legally compliant standards based policy documentation and RDS Schedules. ICT legal compliance and risk assessments, reports and deliverables.

Resources (MMG, Rio Tinto, Xstrata, Anglo, Tenova) – global rollout of ERP technologies, legal compliance and RDS Schedules. Legal opinions and advice on business process and termination.

Emergency services (MFB) - telecommunications, IT and IM strategy.

Defence (Thales, Denel, Armscor) – Information and configuration management. ICT legal compliance and risk assessments, reports and deliverables.

Security printing (GPW/SA Department of Home Affairs) – risk and compliance assessment on ERP deployment, online publishing and eCommerce.

Retail and diversified (Pitney Bowes, Steinhoff International incl. Freedom, Snooze and Poco Australia) – legal compliance, risk assessment maturity matrices, cloud and consumer services. Data privacy and consumer protection. Corporate and IT Governance with ICT Charter.

Education (Department of Education & Universities of SA, Johannesburg, Pretoria) - ICT legal compliance and risk assessments on ECM deployment. Including IM classification and FOI (access to information) compliance.

Telecommunications (T-Systems) – for Gartner, corporate governance assessment including governance of ICT.

Other sectors - revenue services, agriculture, engineering.

MEMBERSHIPS

 

Australian Institute of Company Directors: MAICD (2015).

Expert Network: Entrepreneur’s Infrastructure Program (2014 - ongoing).

Australian Information Security Association (2013 – ongoing).

International Information Systems Security Certification Consortium Inc. (2009 – ongoing).

Information Systems Audit and Control Association (2010 – ongoing).

International Association of Privacy Professionals Australia and New Zealand (2013 – ongoing).

Information Security Group Africa (2010 – 2012).

See also Capability Statements: //www.informationlegal.com.au/practice/consulting.html

 

AFFILIATE MEMBERSHIP

Wireless Application Service Providers Association, SA: Adjudicator and Panelist (2006 – 2014).

Internet Service Providers Association, SA: Adjudicator and Panelist (2006 – 2014).

Discuss IT Podcast Portal: Host (2010 -2012).

Privacy Working Group of South Africa: Contributor to ISO 29100 standard of data privacy (2010 – 2011).

SPEAKING ENGAGEMENTS

Examples only. Numerous jurisdictions.

Asiacrypt 2014: The Legal Infrastructure Around Information Security in Asia.

Office of the Australian Information Commissioner, Gilbert and Tobin, Melbourne: International Association ofPrivacy Professionals Australia and New Zealand – Data inFlight (2014).

Women in Technology WA: -InformationProtection (2014), construction, research, wireless, internet, media, local authorities.

SPECIFIC EXPERTISE:
  • Information Law – the body of law that regulates information and information systems.
  • Information Security – the confidentiality, integrity and availability of information and information systems.
  • Information Privacy – the discipline and laws that regulate the collection, use, storage and disclosure of personal information.
  • Surveillance – the practice of surveillance and laws that limit privacy.
  • Information Management – activities and technologies pertaining to information through its lifecycle, including records and evidence.
  • Information Governance – activities and technologies to maximise the value of information and minimise the associated risks and costs.
  • Compliance and Risk – regulatory and policy based compliance aligned to risk appetite, culture and budget.
  • International Standards, Frameworks and Plans – to support legal and policy based compliance and which demonstrate due diligence and due care.
DIRECTORSHIPS

Information Legal Pty Ltd (2015 – ongoing).

Legate ICT Consulting Pty Ltd (2005 – 2013).

Information Systems Audit and Control Association (2012 – 2013).

iForest Information Management Pty Ltd (2005 – 2010).

Buys Inc. Consulting Pty Ltd (2004 – 2005).

Williams Palmer Property Services Pty Ltd (1998 – 1999).

Information Systems Audit and Control Association (1998 – 1999).

Cenprop Development Pty Ltd (1992 – 1996).

QUALIFICATIONS

Bachelor of Law – University of South Africa (1990).

Certified Information Systems Security Professional – International Information Systems Security Certification Consortium Inc. (2009).

Certified Information Systems Security Manager - Information Systems Audit and Control Association (2010).

Certified Information Privacy Professional – CIPP/US (2010).

Certified Information Privacy Professional – CIPP/IT (2010).

ARTICLES PUBLISHED

Aged and Community Services Australia: Agenda Journal Issue 69 Autumn – Aged Care and Australia’s changing privacy laws (2014).

International Association of Privacy Professionals Australia and New Zealand: Member Bulletin – More than the Bottom Line (2013).

International Association of Privacy Professionals Australia and New Zealand: Member Bulletin – Introducing Helaine Leggat (2014).

PROFESSIONAL DEVELOPMENT UNDERTAKEN

Examples only. Numerous jurisdictions.

Aged and Community Services Australia: Agenda Journal Issue 69 Autumn – Aged Care and Australia’s changing privacylaws (2014).

International Association of Privacy Professionals Australiaand New Zealand: Member Bulletin – More than the BottomLine (2013).

RMIT, Melbourne: The legal infrastructure around information security Asia / Australia (2014).

International Association of Privacy Professionals Deakin University, Melbourne: The legal infrastructure around information security Asia / Australia (2014).

2014 CSO Roadshow VIC: Panel session – Women in IT Security (September 2014).

Sydney: International Association of Privacy Professionals Australia and New Zealand – Data in Flight (2013).

PROFESSIONAL DEVELOPMENT UNDERTAKEN

University of Pretoria: Part time lecturer and external examiner– MBA eCommerce Program (2004 – 2005).

University of Johannesburg: Part time lecturer – InformationCommunication Technology Program (2004 – 2005).

Institute of Risk Management South Africa: NumerousPrograms (2003 – 2009). Compliance Institute of South Africa: Numerous Programs(2003 – 2009).
 

Numerous other public speaking engagements, debates, panel discussions, TV andradio interviews (2003 – 2014).