We provide prompt, accurate and tactical legal advice. We work with clients to provide solutions that fit harmoniously with their internal processes and culture in order to enhance and develop existing compliance.
For commercial organisations
Compliance with information law requirements can be seen as a luxury or an unnecessary distraction from the every day business of an organisation. But compliance with the Data Protection Act (DPA) makes good business sense and can save money and effort in the long run. Poor compliance can be a source of significant risk to reputation and customer confidence. It can also result in prosecution, civil claims and enforcement action including the imposition of monetary penalties. Developments at EU level both in proposed legislation and in European Court decisions mean data protection and information security compliance are and will remain key business priorities – full compliance with the DPA now will put UK businesses in the best place as EU law in this area unfolds and develops.
Public sector organisations
We face challenges and operate in an environment subject to continuous scrutiny – we help clients understand their obligations, implement appropriate systems for compliance and manage specific challenges as they arise from time to time.
We provide well informed, but practical advice in connection with information requests made under the DPA, the Freedom of Information Act and the Environmental Information Regulations and in relation to Information Commissioner investigations.
As well as providing legal advice on data protection and freedom of information issues, our expert lawyers provide guidance on:
Our clients include charitable bodies, universities, schools and colleges, health and social care providers, public authorities and commercial organisations generally as well as data rich businesses ranging from start ups processing data in novel ways through to large corporates involved with cloud computing and trans-border data flows.
We deliver BCS (formerly ISEB) accredited training courses quarterly from our own offices and also on an in-house basis by arrangement. We also deliver tailored training to clients on information management issues including data protection. This ranges from high level training to assist executive boards to identify risk and set strategic priorities, to detailed technical training for information governance officers, and whole workforce training to raise awareness, enhance compliance and comply with ICO recommendations following enforcement action. We provide regular updates and briefings on UK and European data protection and information law developments.
We also work closely with the Centre for Information Law at the University of Winchester (one of only two such dedicated centres in the UK).
Through our membership of the IT law network euroITcounsel (a network of leading IT/data privacy Firms) we are able to provide seamless data privacy advice across all the main EU jurisdictions and we also work with specialist lawyers in other jurisdictions including the USA to ensure we can provide authoritative advice and guidance on data handling in an increasingly global environment.
Whilst many organisations have focussed on what the GDPR means for customer/client/supplier data from 25 May, have you taken the right actions with regard to your staff?
Ruth Christy explains what employers need to consider when handling employee medical information after the new rules comes into force.
With the GDPR due to come into effect later this month, HR departments need to be careful when processing data relating to an employee’s health – even if they have the employee’s consent to do so.
Our expert Jon Belcher explains the election result will have an impact on data protection law in the UK.
Ensuring your IT systems are secure is necessary not only as part of good business practice, but also because organisations holding information about individuals have specific regulatory obligations under the Data Protection Act 1998.
The ICO has issued a £400,000 penalty to Keurboom Communications Limited for breaches of the Privacy and Electronic Communications Regulations. Keurboom had made nearly 100 million automated marketing calls over an 18 month period!
The Data Protection Bill (the Bill) was placed before the House of Lords on Wednesday (13th September). A copy of the Bill in its current form was published shortly afterwards and can be found...
the GDPR will become directly applicable in all EU member states and, despite Brexit negotiations, the UK Government has confirmed that it will be implementing these new rules in full. Designed to be more future-proof than its predecessor.
The Queen’s Speech on 21 June set out the UK Government’s legislative programme included plans for a Data Protection Bill to ensure that the UK retains its “world-class” data protection regime.