Matheson’s technology and IP law blog

Anne-Marie Bohan


Anne-Marie Bohan

Anne-Marie Bohan is a partner in both the Asset Management and Investment Funds Group and the FinTech Group at Matheson. As well as advising clients on the establishment and operation of investment funds, Anne-Marie has extensive experience in outsourcing and managed service contracts, technology contracts and data protection, with specific focus on the requirements of financial institutions and service providers in these areas. Anne-Marie has advised on significant number of complex financial services, fund administration and IT outsourcings and off-shorings. She has lectured on IT, data protection and financial services in the Law Society of Ireland, the National University of Ireland Maynooth, and more broadly. She is author of the Ireland chapter in Outsourcing Contracts – a Practical Guide (Lewis, Fourth Ed, 2012) and is co-author of the Irish chapter in PLC’s Outsourcing Guide and of the Irish chapter in Getting the Deal Through’s Data Protection Guide. Visit the Matheson website to read Ann-Marie Bohan’s full website bio.

Recent Articles

EU Committee votes in favour of data protection regulation

October 29th, 2013


After a broad consensus was reached between EU political parties, the EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (“LIBE”) has voted overwhelmingly in favour of a draft data protection regulation (the “Regulation”), which means the Regulation will move on to the next stage in the legislative process. The EU Parliament now has a mandate for negotiations with the Council and will work towards reaching a common agreement. The LIBE draft, which will form the basis of those… Read more…

Working Party issues guidance on binding corporate rules for processors

October 24th, 2013


Following its launch of processor binding corporate rules (“BCRs”) on 1 January 2013, the Article 29 Working Party (the “Working Party”), the independent body set up under the European Data Protection Directive to advise on the protection of individuals with regard to the processing of personal data, published an explanatory document on 19 April 2013. Controller BCRs became an increasingly succesful method of guaranteeing safeguards to personal data in a global context in the almost ten years since their adoption,… Read more…

OECD revises guidelines governing the protection of privacy and transborder flows of personal data

October 17th, 2013


In the first update of its 1980 Recommendation Concerning Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data (“Guidelines”), the Organisation for Economic Co-operation and Development (the “OECD”) released a revised version of the Guidelines on 11 July 2013. The Guidelines were internationally recognised and formed the basis for much of the data protection legislation in the EU, US and Asia. The revision was made to take into account technological advancements and the increased importance of personal data… Read more…

Irish Data Protection Commissioner and US Federal Trade Commission sign Memorandum of Understanding

October 11th, 2013


At a time of increased tension between the EU and US regarding data protection, the Irish Data Protection Commissioner and the US Federal Trade Commission have signed a Memorandum of Understanding (“MOU”) to support international cooperation between the two bodies on data protection matters.  The MOU, which has no binding legal effect, commits both bodies to use their best efforts to share information, assist in investigations relating to the common elements of their respective data protection laws, and cooperate in… Read more…

ICO publishes further guidance on encryption

September 27th, 2013


The UK Information Commissioner’s Office recently published further guidance (“Guidance”) on encryption on its blog. The Guidance supplements the ICO’s position on encryption which it published in October 2012. In the blog post, the ICO’s group manager for technology states that the ICO advises all organisations to use appropriate encryption if the loss of personal data could cause damage and distress to the individuals affected. The Guidance also clarifies that controlling access to a device using a password or PIN… Read more…