Are you ready for GDPR?

Are you ready for the introduction of the new European General Data Protection Regulations (GDPR)? If not, you only have a little time to prepare, as the new rules come into force on the 25th May 2018.

Partner Ian Robinson said, “The fact that we are currently negotiating an exit from the EU does not mean that we can ignore new EU rules and directives.  GDPR is a case in point. Once the GDPR rules have been in place for a few months, the Information Commissioners Office (ICO) will be focussing on establishing compliance”.

The GDPR will replace the current Data Protection Act 1998. Whilst it can be said to be an evolution of the current data protection framework and should contain no large surprises for the majority of companies, it imposes stringent accountability and transparency obligations on data controllers including mandatory reporting of data breaches.

To get a taste of the scope of GDPR, one need look no further than the twelve step programme recommended by the ICO (https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf):
 

  1. 1. Awareness Make sure that key people in your organisation are aware of GDPR.
  2. 2. Current information Document what personal data the company holds, where it came from and who it is shared with.
  3. 3. Communicating privacy information Review your current privacy notices and make any necessary changes.
  4. 4. Individuals’ rights Check your procedures to ensure they cover all the rights of individuals.
  5. 5. Subject access requests Update your procedures and plan how you will handle requests for access to the information you hold.
  6. 6. Lawful basis for holding information Check that your information processing is lawful.
  7. 7. Consent Review, and refresh as necessary, your methods of seeking and recording consent.
  8. 8. Children Review whether you need to verify individual’s ages and whether you need to get parental consent.
  9. 9. Data Breaches Review your procedures to detect, investigate and report breaches in personal data.
  10. 10. Data Protection by Design The ICO has a code of practice which it would be advisable for your company to implement.
  11. 11. Data Protection Officer Appoint, or at least designate a staff member as, a Data Protection Officer.
  12. 12. International If your organisation operates in more than one EU member state, determine who you lead supervisory authority will be.

May 2018.

Change in Law for Rental Property

A new Act will come into force on 20th March 2019 which states that any property let by a landlord as a home must be fit for living in. This includes private renting, social housing and houses of multiple occupancy (HMO).

More Info

New service for identifying charitable bequests

Senior Probate Executive, Alanna White, comments on a new system alerting charities to when they have been left money in wills is to be established by HM Courts and Tribunals Service (HMCTS) following a decision to end its current arrangement.

More Info

Do you need to insure your car if you don’t drive it?

Partner, Hannah Jones, considers the implications of a recent ruling from the European court of Justice, which was asked “Do you need to insure a car that is kept secured off-road and which you have no intention of using?”

More Info

Uber drivers entitled to workplace protections

The ‘gig’ economy is characterised by the prevalence of short-term contracts or freelance work, as opposed to permanent jobs. It is either a positive working environment that offers a great deal of flexibility. 

More Info

Reviews

We’re proud to be associated with

  • The Law Society, Conveyancing Quality Accredited logo
  • The Law Society, Children Law Accredited logo
  • The Law Society, Criminal Litigation Accredited logo
  • The Law Society, Family Law Accredited logo
  • The Law Society, Family Law Advanced Accredited logo
  • The Law Society, Lexcel Accredited logo
  • Solicitors For The Elderly Accredited logo
  • Society of Trust and Estate Practitioners logo
  • Dementia Friends logo
  • Resolution logo