A guide for solicitors and law firms about data protection and the new General Data Protection Regulation (GDPR) has been published by the Law Society of Scotland.

It shows the steps solicitors should take to help comply with the new European Union regulation, which comes into force on 25 May.

The guide’s author, Laura Irvine, a partner at BTO, explained: "While solicitors in Scotland will be familiar with the Law Society rules on client confidentiality, GDPR is also concerned with protecting personal data, but it brings in a new principle of accountability for all organisations. The profession should see this as an opportunity to consider how it deals with personal data in the 21st century and I hope that this guide will assist solicitors in Scotland to do this."

Paul Mosson, executive director of member services at the Society, explained that although the profession was generally well prepared for the introduction of GDPR, and ultimately the Information Commissioner’s Office would be responsible for regulating GDPR and providing guidance, the new guide specifically for law firms would further help to promote compliance.

He commented: "All organisations that process personal data must comply with GDPR, but law firms face specific issues over privacy and how they handle data.

"It’s important that we can provide support for our members prior to the introduction of the GDPR later this month. Our guide considers the new regulation and the Data Protection Act from the perspective of a legal practice, looking at how GDPR will impact solicitors’ current processes and identifying the steps to take towards compliance."

The new guide has been sponsored by IT Governance, provider of governance, risk management and compliance solutions in IT. 

The Society has written to all law firms in Scotland about the guide, which will be updated with further information and advice once GDPR comes into force.

Click here to access the guide.