Data protection compliance

Protecting sensitive data is paramount. Legal practitioners must stay ahead of evolving regulations to ensure compliance and mitigate risks associated with data breaches. This guidance provides the latest best practices, statutory updates, and actionable insights, equipping you with the tools to navigate the demanding landscape of data protection compliance effectively.

View Risk & Compliance by content type:

Latest Risk & Compliance News

ICO updates data protection guidances following D(UA)A 2025 and publishes guidance on recognised legitimate interest

The Information Commissioner’s Office (ICO) has updated three guidances:...

FCDO publishes guidance on sanctions exceptions and licences

The Foreign, Commonwealth & Development Office (FCDO), together with the Office of Financial Sanctions Implementation (OFSI), the Office of Trade...

OFSI issues General Licence INT/2026/9247168 for Kazakh oil activities

The Office of Financial Sanctions Implementation (OFSI) has issued General Licence INT/2026/9247168 under regulation 64 of the Russia (Sanctions) (EU...

Dana Astra IOOO v FCDO: Challenging UK sanctions designations

Corporate Crime analysis: The Court of Appeal unanimously dismissed Dana Astra’s appeal against the High Court’s findings that Dana Astra, as a...

Featured Risk & Compliance content

Can I charge a fee for dealing with a data subject access request?

Can I charge a fee for dealing with a data subject access request?The General Data Protection Regulation (GDPR) provides for enhanced rights for data...

How to plan and conduct an internal investigation

How to plan and conduct an internal investigationAn internal investigation is a legal process undertaken by an organisation (with or without outside...

Can a limited company make a subject access request? Can a director of a limited company ask for recordings of calls with us? If yes, what personal data must we provide?

Can a limited company make a subject access request? Can a director of a limited company ask for recordings of calls with us? If yes, what personal...

Anti-bribery and corruption—post-training assessment answers

Anti-bribery and corruption—post-training assessment answersQuestionCorrect answer1. How many new offences does the Bribery Act 2010 create? (b)...

Practice notes

Money Laundering Regulations 2017—nominated officer

Money Laundering Regulations 2017—nominated officerThis Practice Note sets out when organisations must appoint a nominated officer (sometimes referred...

Read More >

30th May

In-house

Practice notes

Sanctions regime—Russia

Sanctions regime—RussiaThe Russia (Sanctions) (EU Exit) Regulations 2019, SI 2019/855, made under the Sanctions and Anti-Money Laundering Act 2018...

Read More >

2nd Jun

International sanctions

Practice notes

How to manage legal risk

How to manage legal riskIt is often said that running a business means taking risks and that the biggest risk an entrepreneur can take is not to think...

Read More >

Produced in partnership with Elizabeth Bourlet

13th Oct

Practice notes

Contract management risk management guide

Contract management risk management guideWhy you need to manage this riskContract management is often seen by the business as an activity which is...

Read More >

Produced in partnership with Elizabeth Bourlet

13th Oct

In-house

Q&As

Refusing a data subject request—what is ‘manifestly unfounded or excessive’?

Refusing a data subject request—what is ‘manifestly unfounded or excessive’?The General Data Protection Regulation (GDPR) provides for enhanced rights...

Read More >

30th May

Practice notes

Dawn raid—who can raid my organisation and why?

Dawn raid—who can raid my organisation and why?The UK Government has legislated to permit a number of UK authorities to obtain search warrants to...

Read More >

Produced in partnership with Michael Potts and Arozo Gajia of PCB Byrne

30th May

In-house