We have included an example of a data protection policy which members might find useful when thinking about what to include in their own policies.
GDPR guide for law firms
Data protection regulations from the perspective of a legal practice
- Law firms as data controllers
- Create a record of data processing
- Client confidentiality, legal privilege and limited exemptions
- Data retention
- Sharing data with third parties
- Data protection officers
- Security
- Reporting personal data breaches
- Requests for client personal data
- Appendix 1 - Consent
- Appendix 2 - Example of a data protection policy
- Appendix 3 - Background to the GDPR changes
