Tracy Andrew

Information Security and Compliance Officer


Tracy is the Information Security & Compliance Officer and Data Protection Officer (DPO) for Fieldfisher. Tracy is responsible for the management and maintenance of the information security across the organisation, as well as development and implementation of new policies and process to support the existing infrastructure. He also works in support of the Privacy and Information Law Group working with clients, post data breaches to implement remedial actions, investigation of incidents and also undertaking client information security audits, plus advising on potential information security risks for clients.

Tracy took the firm through certification to full ISO27001 compliance in March 2014 and recently managed our certification to Cyber Essentials. His past experience has been as Head of Information Governance in Berkshire NHS, a Defence Business Manager , with responsibility for all aspects of security for Racal Instruments Ltd and as the Business Manager for the Defence Industry Security Association (DISA)which acts as a collective representative body interacting with HM Government (Cabinet Office, Ministry of Defence, Foreign & Commonwealth Office, Home Office, etc.) and agencies within the defence arena, such as Rolls-Royce, BAE Systems, Thales, MBDA, etc.

Join Europe’s elite legal cyber security community.