We have included an example of a data protection policy which members might find useful when thinking about what to include in their own policies.
GDPR guide for law firms
Our guide looks at the regulation and the Data Protection Act from the perspective of a legal practice.
- Law firms as data controllers
- Create a record of data processing
- Client confidentiality, legal privilege and limited exemptions
- Data retention
- Sharing data with third parties
- Data protection officers
- Security
- Reporting personal data breaches
- Requests for client personal data
- Appendix 1 - Consent
- Appendix 2 - Example of a data protection policy
- Appendix 3 - Background to the GDPR changes
