Data protection and GDPR
The digitisation of data and increased mobility and connectivity has facilitated the flow of personal information around the world. Unfortunately, easier access to data increases the risks of personal information falling into the wrong hands.
We advise on the full range of data protection matters, including:
The General Data Protection Regulation (GDPR) is now directly applicable in all EU member states, replacing the Data Protection Act 1998. We can advise on what this means for your business and how to prepare for the changes to the law.
Assessing whether the processing of personal data requires the consent of the individuals concerned, and what information needs to be given to individuals about the processing of their data, circumstances in which personal data may be disclosed to third parties, and whether the sale of personal data will breach GDPR, PECR and data protection rules.
Personal data and employees
Working with human resources managers on data protection issues to do with advertising, pre-employment vetting, occupational health schemes, pensions, appraisal, discipline, dismissal and the retention of records.
Reviewing client procedures on data protection audits, or alternatively, advising clients on how to complete a data protection audit themselves.
Overseas transfer of personal data
Advising clients on how to avoid breaching GDPR and data protection laws when processing data outside the EU.
We have recently advised on:
- Data protection compliance monitoring procedures for a large national charity
- A hospital’s compliance with data protection legislation in keeping patients’ electronic medical records
- Auditing the data protection procedures of an investment management company
- Data protection issues arising in employment litigation