The EU General Data Protection Regulation (GDPR) and the Data Protection Act 2018 came into force in the UK on 25 May 2018.
Together they bring the most significant change in data protection regulation in 20 years. The regulation is designed to align privacy laws across Europe and increase protections and data privacy rights for individual citizens.
This page brings together guidance and support with education and learning resources from the Law Society and external agencies to help you and your firm understand the regulation.
Law firms generally face the same issues as other organisations in seeking to comply with the GDPR and, through our ongoing discussions with firms, we are identifying and exploring specific issues of concern around compliance.
This page will be regularly updated as we continue to consider what guidance we can provide in light of the evidence from GDPR compliance.
Pearl Moses talks to Jorren Knibbe about the impact that a 'deal' or 'no-deal' situation may have on data protection compliance.
The potential for high fines under the GDPR has attracted considerable publicity but in practice the ICO has many more enforcement tools.
If the UK leaves the EU without a deal, law firms and other businesses will need to consider whether their cross-border data flows are GDPR-compatible.
The GDPR and DPA 2018 enforce a high level of transparency on data controllers, including solicitors. We look at what this means in practice.
Data protection impact assessments (DPIAs) are a new, but in some ways familiar, feature in the data protection landscape.
This practice note outlines the regulatory requirements for solicitors to consider when closing down your practice.
GDPR has sparked questions about whether solicitors are generally data controllers or data processors.
Peter Wright explains ten key actions your firm should already be taking to actively demonstrate your compliance.
Guidance and support to help you and your firm understand and comply with GDPR.
How can you protect your firm from a data breach? We ask Peter Wright, managing director of DigitalLawUK, about the latest trends in cyber and IT security risk in a post-GDPR world.
Nick Denys, policy advisor at the Law Society, explores some of the challenges organisations face to remain GDPR compliant.
Sarah Richardson, who supports the Law Society’s children law sub-committee, discusses how the EU GDPR affects the data protection rights of children.
Andrew McWhir, policy advisor at the Law Society, discusses the Law Society’s GDPR guide for law firms.
Learn in this one hour webinar more about data transfer, adequacy decisions, EU/US Privacy Shield
Half-day conference on 26 September, where expert speakers will explore major DP challenges for solicitors, identify new technology danger spots, practical advice on mitigating risk and more topics of interest.
New online course, GDPR for managers featuring downloadable checklists and valuable resources from the Law Society and ICO.
Please contact us if you or your firm have a specific issue you would like to raise.