GDPR – What do you need to do?

The General Data Protection Regulation takes effect on 25 May 2018.

All firms need to address the following –

  • Risk assessment – map the data you hold, identify the lawful basis on which you process it, review how long you keep it, and satisfy yourself you are taking reasonable steps to secure it.
  • Review consents, if you are relying on them.
  • Appoint a Data Protection Officer if you need to.
  • Record keeping.
  • Train staff.
  • Review your recruitment procedures.
  • Review your contracts with data processors
  • Check whether you are transferring data outside the EEA (e.g. cloud providers) and make sure you have a lawful basis for doing so.

How Legal Risk can help

We can help with your risk assessment process.

We can also advise on documentation and dealing with subject access requests and other issues which may arise in practice.

Useful links

Legislation:

European Commission & Article 29 Working Party:

ICO:

Law Society:

Bar Council:

Council of Bars and Law Societies of Europe:

LATEST PUBLICATIONS, Events & News

  • 18 . 04 . 2018 SRA proposals for PII reform – are there any winners? | JLT SRA proposals for PII reform – are there any winners? | JLT

    First published here.

    Download
  • 29 . 03 . 2018 Risk Update March 2018 Risk Update March 2018

    Demolition job: SRA Consultation on Professional Indemnity Insurance (PII)-Challenging opponents’ legal costs-What is integrity?-General Data Protection Regulation-Conflicts of Interests and Confidentiality-AML-Non-disclosure agreements

    Download
  • NEXT EVENT Liverpool Law Society – Compliance Conference 2018 Liverpool Law Society – Compliance Conference 2018 Location: Liverpool Law Society, 2nd Floor, Helix, Edmund Street, Liverpool, L3 9NY Start: May 23, 2018 RECENT NEWS