GDPR Breach avoidance for Law Firms

Breach avoidance, handling, breach analysis,
and remedial actions for Law Firms.

There are penalties that apply when a breach has occurred – possibly up to €20M
or 4% of turnover, whichever is the greater. The maximum fine depends on which article
and/or what type of data loss has occurred.


    What constitutes a breach?

    For the purposes of the GDPR, a data breach is the destruction (either unlawful or accidental), alteration or loss of personal data, or unauthorised disclosure of or access to it.

    Who do you inform and when?

    You must inform the regulator, also known as the Supervisory Authority, within 72 hours that a breach has taken place. In the UK, the Supervisory Authority is the Information Commissioner’s Office (ICO).
    If you tell the regulator after 72 hours have passed, there must be ‘reasoned justification’ for the delay in reporting it. In addition to the regulator, you must inform the data subjects without delay if the data breach is likely to pose a high risk to the rights and freedoms of the data subjects.


    There is a huge amount of basic common sense inextricably woven into the GDPR jigsaw.

    Much of this relates to the cultural set-up of a firm, which can be translated into the principles of good governance. All staff within your firm, from Solicitors to Admin staff, need to be both informed and involved if you are to avoid stumbling over one of the numerous tripwires contained in the Regulation.
    Law firms are all going to need to think carefully about the resources needed to support the smooth and secure operation of GDPR. There are strict time limits involved in certain aspects of the GDPR portfolio, crucially in the issues of DSARs and breach reporting. To ensure continuing compliance, there need to be documented, regular process and systems reviews. One of the most significant of these is the importance of a culture of openness and transparency in dealing with breaches and Data Subject Access Requests (DSARs).


    Needless to say, the GDPR now tests all Law firms UK-wide, without exception, and all need to be prepared and, very importantly, aware of the detail. For more information and a free, no-obligation meeting, contact us.