Add a bookmark to get started

James Clark

Responsive, and with an ability to provide pragmatic, considered advice.
GC, international healthcare company

James Clark is a data protection, privacy and cyber security lawyer who is passionate about all areas of ‘data law’. He demystifies this complex area for his clients and prides himself on delivering thoughtful and practical advice.

James has worked on international projects his entire career and has spent time on secondment in the firm’s Brussels and Washington, D.C. offices. He has a particular focus on the life sciences, insurance and government sectors, and leads the firm’s privacy law practice for the life sciences sector.

James has led numerous multi-jurisdictional advisory projects and data protection audits. He loves working with clients early in the design of new products and services to ensure that privacy compliance is ‘baked in’ and complex regulatory issues are solved before they become enforcement risks.

Alongside his advisory practice, James also has extensive experience of proactive and reactive cybersecurity work and has advised sophisticated multi-national clients on major security incidents. He also has deep experience on working with the UK Government on data protection policy, and has advised on issues including Brexit, UK data protection law reform, and international transfer strategy.

Away from the office, James speaks and writes regularly on data protection, including for the PDP Journal and Thomson Reuters. James is also the co-editor of the popular Data Protection Laws of the World website.


  • Managed comprehensive, multi-jurisdictional GDPR compliance reviews for a number of clients including a global insurer and a major financial institution.
  • Advised the UK Government on sensitive policy issues related to data protection law reform and international transfers.
  • Advised the Department of Health on all data protection law issues associated with its ground-breaking genomic medicine service, and on aspects of its public-facing Covid-19 programmes and applications.
  • Designed and implemented an end-to-end privacy risk assessment and DPIA programme for a major biopharma company.
  • Advised an international pharmaceutical services company on its global response to a major ransomware attack.
  • Acted as outside privacy counsel to one of the world’s largest insurance companies on all day-to-day data protection compliance issues and programmes.
  • Advised an international health insurance company on the data aspects of the sale of its health insurance business.