EU GDPR and law firms #2: How can you prepare?

EU GDPR and law firmsOrganisations across the board are likely to be affected by the new regulations. However, EU GDPR and law firms is rapidly becoming the headline news in the legal industry.

In my last post, “EU General Data Protection Regulations #1: What does it all mean?”, I gave a snapshot of the regulations and what they involve. Let’s now look at a few simple measures you can take in readiness for them.

Prepare your practice for data security breaches.

In an ideal world, you’d never wish to be on the receiving end of breaches in data security. However, the worst sometimes does happen and it makes sense to prepared.

Make sure you have clear policies and well-rehearsed procedures in place. These will enable you to act quickly to any breach and notify the authorities within the required timescales.

Set up protocols for accountability.

This is all about establishing clear, effective policies and procedures. You can then use these both to remain within the regulations and prove to regulators that you meet the required standards.

It’s one thing to have the policies in place. To make them work effectively they should be backed up by constant monitoring. Review your data processing procedures regularly with the aim of reducing data processing and retention to only that which is required. Staff training is the key to this. To keep on top of your obligations, you can carry out regular privacy impact audits to review your procedures and correct any concerns that may arise.

Understand the legal basis on which you use personal data.

It’s essential to take a look at what personal data processing you undertake. Relying upon consent from clients does not necessarily mean you can use data for other purposes without renewed consent. If you do rely on consent, review whether your documents and forms of consent are up to the job. At the end of the day, the burden of proof rests with you.

Check and upgrade your privacy policies and notices.

The EU GDPR requires that the information you provide to your clients about their data usage should be in clear and easily understandable language. All your policies should be transparent and readily accessible.

Understand the rights of your clients.

Your clients have the right to ask for a variety of things. They can ask for the right to erasure of data and, indeed, the right to data portability where appropriate. With this in mind, you should always consider what the legal grounds are for storing client data. Again, the burden of proof to show that legitimate grounds override client interests lies with you.

Don’t forget about cross-border work.

The new regulations cover organisations domiciled outside of the EU. If you are conducting cross-border work, you should ensure that you have a sound legal basis for transferring personal data to other jurisdictions. Obviously, this is not a new concern. However, it’s worth bearing in mind the penalties for getting it wrong. Failure to comply can leads to fines of up to 4% of annual turnover.

Let your PMS ease the burden.

All good practice management systems contain elements designed to assist you to perform risk and compliance checks. The better ones, have a structured approach to task management built-in from the point of the creation of a new matter. For the more advanced PMS systems, it is straightforward to build your protocols into this or into a workflow within the software. It’s worth thinking about as a mechanism for automating your protocols.

For further information on how LawWare can assist you with this and your practice management, please follow this link.

For a full examination of the new regulations, DLA Piper has produced a detailed report which you can view here.

EU General Data Protection Regulations #1: What does it all mean?

Mike O’Donnell. May 2017.

© LawWare Limited 1995-2021


Join over 475 law firms across the United Kingdom.

Our clients range from small start-up legal practices to multi-partner, multi-site firms.

Another great customer service experience from LawWare. My laptop had to be stripped back to factory settings as part of a repair - taking hours! In contrast, restoring LawWare took one phone call to the support team and I was up and running in 6 minutes. If only everything was so easy!

VI pensions Law Ltd.
Vanessa Ingram

As the first commercial user of LawWare back in 1998, we have had no hesitation in remaining with the product through its development. We thoroughly recommend it to any firm looking for a practice management system.

Alastair Hart & Co.
Alastair Hart

The helpdesk is exceptionally good. Whatever the query there is always a human being there to help. No leaving messages or being advised to go to a website. The best computer service for solicitors I have ever used!

South Forrest
Irene Yule

The linking of documents and casefiles saves so much time! I have experience of several accounts packages and I like that LawWare is simple to use and easy to learn. Support is quick and effective and staff are helpful and courteous.

Sprang Terras
Fiona Allison

I have worked with a number of Case Management providers over the years but have not come across anything with the attention to detail and thoroughness of LawWare. My colleagues and I have not been disappointed.

Brymer legal Ltd.
Professor Stewart Brymer

I can’t imagine trying to be a law firm in the 21st Century without 21st Century IT systems. Having a ‘single system’ that underpins all the work, whether we are in the office or out, is an integral part of what we are building.

Sneddon Morrison
Eric Lumsden

The level of support is the main benefit using this system.  The system itself once you have had training is simple and easy to use. We have a great relationship with LawWare and the ongoing support is second to none.   

Linda George Family Law
Sharon Rodger

Significant preparation was required to configure and import the data from our old firm. We had to get all clients onto the new system and then learn how to use it. We just find it very easy to use, much easier than our old system.

Scanlon Ewing
Maureen Ewing

Being a busy litigator with a growing firm it is incredibly useful to be able to view my files from any location with some form of internet connection. I am a fan, and want to keep working with LawWare to make a good product great.

Helix Law Limited
Jonathan Waters

The switch to the new LawCloud system, which is still on-going, has gone very well. We found the LawWare team without exception to be very helpful and knowledgeable. All queries are followed up and dealt with promptly.

Cullen Kilshaw
Ross Kilshaw

interested in

Explore LawWare

Connect With Us

Scroll Up