Getting Ready For The New General Data Protection Regulation
In our latest White Paper, our guest author Richard Robinson, Managing Director of Legal Compliance Services, outlines the steps Law Firms will need to take to ensure they are meeting their obligations when the new EU General Data Protection Regulation (GDPR) comes into effect in May 2018.
A massive shake-up in data protection law is upon us. On 25th May 2018 legislation implementing the EU General Data Protection Regulation (GDPR) and the Data Protection Law Enforcement Directive will replace the Data Protection Act 1998.
Given the amounts of information, often sensitive personal data that law firms handle, the ICO and SRA will be expecting all firms to demonstrate they are dealing properly with their obligations.
A lot of scaremongering and headlines focusing on crippling fines and punishments have led to a great deal of confusion. Due to the volume of (mis)information and less than clear nature of the task, many firms are burying their heads in the sand. However, there is no getting around the fact that the new regulations will require careful consideration and appropriate action by all firms, no matter what type or size. As of next May, you will have to be able to demonstrate that you have “the appropriate technical and organisational procedures” and that you are taking all reasonable steps to manage and protect data.
With the average implementation time for small businesses estimated at six months (and ten months and above for others), now is the time to start reviewing your existing data protection compliance to ensure you are not only ready to meet the new requirements, but also that you are already meeting your existing obligations...
View White Paper