Sprout IT: The legal IT landscape right now
As 2018 draws to a close, many in the legal sector will remember it as the year of the General Data Protection Regulation (GDPR). In the six months prior to its introduction, we sensed a growing concern within solicitors’ practices and barristers’ chambers about the extra imposition the regulation would present them together with an occasional lack of certainty on whether their firm was really ready to cope with it.
So far, so good. Although, as a firm, we have always prided ourselves on our level of engagement and communication with our clients, we have helped more firms through a mixture of consultancy, training, and technological solutions than throughout our 12-year history as a business. There is a lot of awareness out there as well as a hard-headed commercial judgement that a firm will not be caught out.
Continued GDPR mindfulness
We will still all have to be mindful about GDPR. There has been no case law established on it just yet and, while case law will not alter the text of the regulation, it will affect judges’ interpretation of alleged breaches and the level of punishment attached to such breaches. Any such punishment will, of course, be in addition to any fines and penalties levied by the Information Commissioner’s Office.
GDPR policies across your firm should be reviewed once a year in the round and you should get reports and take soundings from colleagues every month on your firm’s interpretation of the law and its implementation.
Sprout IT’s Data Protection Office as a Service provides advice, guidance, and application strategies on all aspects of GDPR compliance, including:
- Team and individual responsibilities in your firm,
- Data auditing,
- Data mapping,
- Data collection scope and justification for the data you hold,
- Internal processes and policies,
- Data breach avoidance,
- Data breach reporting,
- Rights of erasure,
- Subject access requests, and
- Relationships with third parties.
To read a full article, visit Sprout IT’s website