• The EU General Data Protection Regulation (GDPR) and the Data Protection Act 2018 came into force in the UK on 25 May 2018.

    Together they bring the most significant change in data protection regulation in 20 years. The regulation is designed to align privacy laws across Europe and increase protections and data privacy rights for individual citizens.

    This page brings together guidance and support with education and learning resources from the Law Society and external agencies to help you and your firm understand the regulation.

    Law firms generally face the same issues as other organisations in seeking to comply with the GDPR and, through our ongoing discussions with firms, we are identifying and exploring specific issues of concern around compliance.

    This page will be regularly updated as we continue to consider what guidance we can provide in light of the evidence from GDPR compliance.

  • 1 2 3 Next

    Brexit and the legal sector - our work so far

    Although it remains unclear when and how the UK will withdraw from the EU, we continue to advise our members to prepare for all eventualities.

    29 March 2019

    Data protection and Brexit

    Pearl Moses talks to Jorren Knibbe about the impact that a 'deal' or 'no-deal' situation may have on data protection compliance.

    28 March 2019

    GDPR in practice: ICO enforcement powers

    The potential for high fines under the GDPR has attracted considerable publicity but in practice the ICO has many more enforcement tools.

    9 January 2019

    GDPR in practice: Cross-border data flows and Brexit

    If the UK leaves the EU without a deal, law firms and other businesses will need to consider whether their cross-border data flows are GDPR-compatible.

    19 December 2018

    GDPR in practice: Legal professional privilege and client confidentiality

    The GDPR and DPA 2018 enforce a high level of transparency on data controllers, including solicitors. We look at what this means in practice.

    6 December 2018

    GDPR - Data Protection Impact Assessments

    Data protection impact assessments (DPIAs) are a new, but in some ways familiar, feature in the data protection landscape.

    28 November 2018

    No-deal Brexit guidance: Data protection

    This guide highlights the implications of lawful transfers of EU personal data in the UK should the UK leave the EU without reaching an agreement.

    8 November 2018

    Closing down your practice: regulatory requirements

    This practice note outlines the regulatory requirements for solicitors to consider when closing down your practice.

    2 November 2018
    Practice note

    GDPR - Controllers and processors

    GDPR has sparked questions about whether solicitors are generally data controllers or data processors.

    31 October 2018

    GDPR: 10 things you should already be doing

    Peter Wright explains ten key actions your firm should already be taking to actively demonstrate your compliance.

    17 September 2018
    1 2 3 Next
  • Podcasts

    The GDPR and employment lawyers

    Nick Denys, policy advisor at the Law Society, explores some of the challenges organisations face to remain GDPR compliant.

    The GDPR and children’s rights

    Sarah Richardson, who supports the Law Society’s children law sub-committee, discusses how the EU GDPR affects the data protection rights of children.

    The GDPR guide for law firms

    Andrew McWhir, policy advisor at the Law Society, discusses the Law Society’s GDPR guide for law firms.

  • Publications

    key lock
    International data transfer

    Learn in this one hour webinar more about data transfer, adequacy decisions, EU/US Privacy Shield

    International data transfer > More
  • Webinars

    professional development centre
    GDPR for managers: an introduction

    New online course, GDPR for managers featuring downloadable checklists and valuable resources from the Law Society and ICO.

    GDPR for managers: an introduction > More
    key lock
    International data transfer

    Learn in this one hour webinar more about data transfer, adequacy decisions, EU/US Privacy Shield

    International data transfer > More
  • Contact us

    Please contact us if you or your firm have a specific issue you would like to raise.

  • Recommended

    New frontiers in DP
    New frontiers in data protection conference

    Half-day conference on 26 September, where expert speakers will explore major DP challenges for solicitors, identify new technology danger spots, practical advice on mitigating risk and more topics of interest.

    New frontiers in data protection conference > More
  • Filter by date

    Select dates: