Morgan O'Neill

Director of Data Protection Services within our specialist IP, Technology and Media Team, Morgan has extensive knowledge in the General Data Protection Regulation, UK Data Protection Act 2018 and Privacy Programme Management. She is accredited as a Certified Information Privacy Manager by the International Association of Privacy Professionals. 

With a pragmatic approach to data protection compliance, Morgan advises and supports clients across a range of sectors with the practical application of data protection law in their organisation through the provision of outsourced Data Protection Officer Services. Morgan’s key areas of expertise include privacy by design and default, data protection audit, risk management and she has vast experience of advising organisations in relation to marketing, data breaches, data subject rights, privacy impact assessments, policies and notices, international transfers of data and delivering targeted data protection training. Morgan works closely with clients to devise practical solutions to mitigate data protection compliance risks. 

Morgan joined Thorntons from a large retail energy business where she held the role of Data Protection Officer and Head of Regulatory Compliance and led the business’ complex GDPR readiness project and ongoing data protection compliance framework. Prior to this, Morgan held senior regulatory compliance positions in the USA and New Zealand.