Current data protection law was designed in the early 1990s. Advances in technology, such as the internet, mobile devices, and social media to name a few, mean that the Data Protection Act 1998 is no longer fit for purpose. New legislation aimed at protecting personal data in the world we’re living in today, known as the General Data Protection Regulation or GDPR, comes into force on 25 May 2018.
While GDPR will clear up some grey areas around 21st century data usage, it will also introduce new concepts and potentially huge fines for breaches – up to €20 million or 4% of company turnover.
Beyond the financial implications of getting it wrong, reputational damage is another likely outcome. For law firms and legal teams, held to high ethical and professional standards by their regulator not to mention their clients and the public, a breach could be catastrophic.
This must-attend course walks you through the rules, identifying the most significant changes and explaining how you and your organisation can prepare to ensure compliance. As part of this highly practical day, you will create your own plan to ensure GDPR compliance in your firm.
This course is tailored for solicitors working in-house or in private practice, and will assume a working knowledge of current data protection legislation.
On this one-day course you will learn:
• Why law firms and legal teams need to pay attention to data protection
• Background to GDPR
• How GDPR will affect your law firm or legal team
• Data protection obligations under the 1998 Act and how these change under GDPR
• The Brexit effect on GDPR
• Nine key changes brought in by GDPR
• Mandatory Data Protection Officers – when do you need one?
• Changes in territorial scope – do they affect you?
• The complexities of making international transfers of data
• New responsibilities for data processors
• New penalties and auditing powers of the ICO
• Privacy by design
• Risks and consequences of a data breach