Our GDPR guide for law firms provides a step by step guide to understanding GDPR. The requirements under the GDPR are broadly similar to the Data Protection Act 1998 (DPA) but they give additional weight to the rights of the subjects of any data collection, most obviously, in terms of penalties.
You can find the official text of the General Data Protection Regulation at eur-lex.europa.eu.

GDPR guide for law firms
Data protection regulations from the perspective of a legal practice
- Law firms as data controllers
- Create a record of data processing
- Client confidentiality, legal privilege and limited exemptions
- Data retention
- Sharing data with third parties
- Data protection officers
- Security
- Reporting personal data breaches
- Requests for client personal data
- Appendix 1 - Consent
- Appendix 2 - Example of a data protection policy
- Appendix 3 - Background to the GDPR changes
We're publishing a series of blogs from experts, including members of our Privacy Law Committee, about the key issues and considerations you should take into account.
