David Sinclair

Consultant Information Law Solicitor

Last updated on May 9th, 2022 at 11:11 am

Following a career in construction and health and safety, David qualified as a regulatory solicitor and Chartered Health and Safety Practitioner in 2005.  Now an Information Law Solicitor, David has extensive experience gained in-house at an NHS Foundation Trust and in private practice, advising clients on data protection, freedom of information, environmental information and common law confidentiality, as well as on the Privacy of Electronic Communications Regulations and other areas of information law.  David represents companies, public bodies and not for profit organisations in police and ICO investigations following cyber-attacks and data breaches, including as part of a cyber incident investigation team.  He also advises boards and senior managers on data subject rights, information security management, data sharing and other aspects of data protection compliance.

Commended by clients for his clear advice and practical, down to earth approach, David undertakes due diligence, systems review and audit work to assist organisations to meet their information assurance and cyber-security compliance obligations.  David also provides company and trustee board and senior management data protection training.  David has a Master of Laws degree in Information Law and Practice and he is due to complete an MSc. in Information Security Management in early 2022, before continuing with research for a PhD.

Practice areas

David’s areas of practice include:

  • GDPR and DPA 2018 compliance
  • Data sharing
  • Data subject rights
  • Data mapping and a Register of Processing Activities
  • Data protection policies and procedures
  • Consent to data processing
  • Data processing contracts and data sharing agreements
  • Risk assessment (including data protection impact assessments)
  • Records management and data security
  • Cyber-attack and data breach incident response and management
  • Data compliance reviews and audit
  • Board, manager and specialist information law training

David also advises on health and safety and healthcare safety law, advising on and representing clients in relation to HSE, local authority and CQC investigations.


  • Running and cycling


  • MSc Information Security Management, Northumbria University
  • LLM Information Law & Practice, Northumbria University
  • Legal Practice Course, College of Law (York)
  • Postgraduate Diploma in Law, College of Law (Birmingham)
  • Postgraduate Diploma in Environmental Management Practice, University of Durham
  • BSc. (Hons.) Occupational Health and Safety, Leeds Metropolitan University

Recent work

David has advised clients on a wide-range of contentious and non-contentious data protection and freedom of information matters.  I have just completed an online harms guidance for primary care staff.   I am currently advising clients on the proposed changes to data protection law and practice arising from the government’s National Data Strategy and its consultation on Data: A new direction, as well as on data sharing and GDPR compliance.

Linkedin: View Profile

Email: david.sinclair@jonathanlea.net

Our Team