Steps solicitors should take to comply with the General Data Protection Regulation are set out in a new guide published by the Law Society of Scotland.
Paul Mosson, the Society’s executive director of member services, explained that although the profession was generally well prepared for the introduction of GDPR, and ultimately the Information Commissioner’s Office (ICO) would be responsible for regulating GDPR and providing guidance, the new guide specifically for law firms would further help to promote compliance.
He commented: “All organisations that process personal data must comply with GDPR, but law firms face specific issues over privacy and how they handle data. It’s important that we can provide support for our members prior to the introduction of the GDPR later this month. Our guide considers the new regulation and the Data Protection Act from the perspective of a legal practice, looking at how GDPR will impact solicitors’ current processes and identifying the steps to take towards compliance.”
The guide features a data audit carried out with a high street firm to look at its data processing. Other firms can use the information gathered in the audit to evaluate their own data processes. Guide to GDPR also includes a template data protection policy, though firms will be responsible for determining how to comply on an individual basis.
Laura Irvine added: “While solicitors in Scotland will be familiar with the Law Society rules on client confidentiality, GDPR is also concerned with protecting personal data, but it brings in a new principle of accountability for all organisations. The profession should see this as an opportunity to consider how it deals with personal data in the 21st century and I hope that this guide will assist solicitors in Scotland to do this.”
The guide is sponsored by IT Governance. CEO and executive chairman Alan Calder said: “We are very pleased to be working in partnership with the Law Society of Scotland on this valuable GDPR project for its members. IT Governance is at the forefront of helping organisations around the world address the challenges of GDPR compliance. With many years’ experience in the legal sector, we are well placed to help firms get on track with their GDPR compliance projects, better understand their specific cybersecurity risks and help them through the challenges ahead.”
The ICO has encouraged the Society, as a professional body, to continue to provide updates to members once GDPR comes into force. The Society has written to all law firms in Scotland about the new guide, which is available here.
In this issue
- Levelling the land: pro bono expenses orders
- PSLs – an evolving role
- Children's panel appeals and client expectations
- APS and asps
- Reading for pleasure
- Opinion: Sarah Prentice
- Book reviews
- Profile: Katie McKenna
- President's column
- Use DPA to cut rejections
- People on the move
- Succession planning: five key steps
- A broader view of practice
- The Death of a Law Centre
- Something rotten
- Taking the strain in difficult executries
- Gender pay: a common cause
- Law, an emotional process
- Brexit: the devolution factor
- The PI Court makes its mark
- The house the Grants built
- New questions over statements
- Gender pay gap reporting: how employers can action change
- Human rights may not plug the gap
- Deferred debt arrangements: a missed opportunity?
- Scottish Solicitors' Discipline Tribunal
- LBTT: beware the crackdown
- Beating the career block
- Public policy highlights
- OPG update: new bond arrangement
- Profile of the Profession runs again
- Q & A corner
- GDPR: help is at hand
- Risk management – that ubiquitous topic
- Ask Ash
- Time to take aim at targets
- AML: don't miss the 26 June deadline
- Expert Witness Index 2018
- The right diagnosis
