Data Protection & Privacy

Cybercrime and IT security are currently top of the list of concerns for most Risk teams.

The UK GDPR and the Data Protection Act 2018 are the UK’s implementation of the General Data Protection Regulation (GDPR).

All our partners have qualifications in Data Protection. We provide specialist face to face training on Data Protection for professional firms.

We are able to advise you on issues such as these:

What do we need to do to comply with the UK GDPR?
Someone has sent us what looks like a Subject Access Request. What do we have to send her and when?
How do we respond to a Subject Access Request which involves someone else’s confidential data?
What rights do our clients and staff have, in relation to their data? How long can we keep it? What can we use it for?
Are law firm client files regarded as data?
What do we need to tell our clients before we collect their data? What should we put in our Terms of Business?
What steps must we take to safeguard the data we hold?
The senior partner has lost his laptop. Do we need to tell the Information Commissioner’s Office (ICO)?
Can we send marketing messages or make sales calls? Can we use cookies?
Can we send data abroad? Can we store it in the Cloud?
Can we install CCTV on our premises?
What steps must we take to control a company that processes data on our behalf, e.g. payroll company, or confidential waste management agent?
Do we need to register with the ICO?