GDPR compliance

GDPR compliance guidance:

Forthcoming changes: The UK has voted to leave the EU and this will take place on exit day as defined in section 20 of the European Union (Withdrawal) Act 2018. This has...

Practice Note

Forthcoming changes: The UK has voted to leave the EU and this will take place on exit day as defined in section 20 of the European Union (Withdrawal) Act 2018. This has...

Practice Note

ARCHIVED: This archived Practice Note provides information on the data protection regime before 25 May 2018 and reflects the position under the Data Protection Act 1998...

Practice Note

This Practice Note discusses the impact of Brexit on the general processing of personal data under the General Data Protection Regulation, Regulation (EU) 2016/679...

Practice Note

ARCHIVED: This archived Practice Note provides information on the data protection regime before 25 May 2018 and reflects the position under the Data Protection Act 1998...

Practice Note

This Practice Note provides practical guidance on how to undertake data mapping. It is based on an article by Nicola Fulford of Hogan Lovells and Krysia Oastler of Kemp...

Practice Note

Legislative background and guidance Regulation (EU) 2016/679, the General Data Protection Regulation (GDPR) was directly applicable in the UK from 25 May 2018, and the...

Practice Note

Archived: This archived Practice Note provides information on the data protection regime before 25 May 2018 and reflects the position under the Data Protection Act 1998....

Practice Note

A data protection impact assessment (DPIA) does what the name suggests—it’s a way of assessing the data protection impact of a particular project or process on any...

Practice Note

ARCHIVED: This archived Practice Note provides information on the data protection regime before 25 May 2018 and reflects the position under the Data Protection Act 1998...

Practice Note

The General Data Protection Regulation, Regulation (EU) 2016/679 (the GDPR) contains a set of core data protection principles that controllers must comply with. These are...

Practice Note

Why you need to manage this risk Data protection is one of the most challenging areas of risk management—the law is complex and wide-ranging, it operates at domestic, EU...

Practice Note

This Practice Note explores issues and best practice relating to the sharing of personal data between controllers (including joint controllers and independent...

Practice Note

You must monitor, report (to the SRA) and, where appropriate, publish data regarding the diversity of your workforce. The SRA is prescriptive about what data you must...

Practice Note

An employer will usually wish to process, ie collect, use and record, data concerning an individual’s health (health information) in a number of different circumstances....

Practice Note

ARCHIVED: This archived Practice Note provides information on the data protection regime before 25 May 2018 and reflects the position under the Data Protection Act 1998...

Practice Note