GDPR Is Coming - Are You Prepared?
On 25 May 2018 the General Data Protection Regulation (GDPR) will come in to force in the UK and across the EU; when it does, all organisations that hold data on individuals - which, in the modern technologically driven world, is as good as saying every organisation - will be considered to be a data controller, with all of the responsibilities and liabilities that this entails.
All companies must comply with the new regulations or face stiff penalties of up to €20m, or 4% of annual turnover, yet despite this, and even though the regulations are less than a year away, there is evidence that many organisations have yet to even begin preparing for the new regime, and anecdotal evidence suggests that law firms may be lagging behind in terms of understanding their responsibilities as data controllers.
In his article Under Control, Owen O'Rorke, associate at data protection law specialists Farrer & Co, discusses how the new regulation will affect law firms, and explores the steps your firm should be taking to prepare for GDPR. This is essential reading for all firm managers / managing partners - or, at least, those who wish to avoid being penalised under the new regulations.