The EU General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA) came into force in the UK on 25 May 2018.
They bring the most significant change in data protection regulation in 20 years. The regulation is designed to align privacy laws across Europe and increase protections and data privacy rights for individual citizens.
Law firms generally face the same issues as other organisations in seeking to comply with the GDPR and, through our ongoing discussions with firms, we’re identifying specific issues of concern around compliance.
This page brings together guidance and support to help you and your firm understand the regulation.
Read our summary guide – GDPR for solicitors
Read our detailed guidance – GDPR and DPA guidance for solicitors in law firms
Download our guide – The General Data Protection Regulation: A guide for solicitors (PDF 435 KB)
The GDPR (General Data Protection Regulation) is a buzzword in the legal sector at the moment, and you may well be sick of hearing about it - but that doesn't make it less important an issue for firms to address.
Under the EU's General Data Protection Regulation (GDPR), aggrieved data subjects can sue firms for failing to secure their personal data properly. New statistics from the Information Commissioner's Office (ICO) showed that there was a 173% increase in data security incidents in the legal sector in Q4 2017 compared with the previous quarter.
What law firms can do to protect themselves.
In a recent survey of IT decision makers 25 per cent of respondents had cancelled preparations for the GDPR and 44 per cent thought GDPR won't apply to UK businesses after the UK has left the EU. Anna Drozd explains why law firms need to comply.
UPDATED 10 May 2017 Following great discussion on social media, it is probably helpful to highlight that the risk from using cloud storage systems is in particular from using the free online versions which the original post refers to. Read Peter's update about Dropbox, regulatory compliance and how a law firm was penalised by the ICO for having used a cloud storage system designed for private users for business purposes
Nick Denys, policy advisor at the Law Society, explores some of the challenges organisations face to remain GDPR compliant.
Sarah Richardson, who supports the Law Society’s children law sub-committee, discusses how the EU GDPR affects the data protection rights of children.
Andrew McWhir, policy advisor at the Law Society, discusses the Law Society’s GDPR guide for law firms.
Learn in this one hour webinar more about data transfer, adequacy decisions, EU/US Privacy Shield
Please contact us if you or your firm have a specific issue you would like to raise.
Join this conference to keep up-to-date on hot topics in legal risk and compliance.