Information & data security

View Risk & Compliance by content type:

Latest Risk & Compliance News

Featured Risk & Compliance content

Practice notes
Dawn raid—who can raid my organisation and why?IP COMPLETION DAY: 11pm (GMT) on 31 December 2020 marks the end of the Brexit transition/implementation...
Read More >
Produced in partnership with Michael Potts of PCB Byrne 19th May
Practice notes
Conflicts of interest, confidentiality and disclosure 2019—in-house lawyersThe SRA Code of Conduct for Solicitors, RELs and RFLs (Code for Solicitors)...
Read More >
19th May
Practice notes
Brexit—exiting the EU under Article 50 [Archived]ARCHIVED: This Practice Note has been archived and is not maintained.This Practice Note contains...
Read More >
Produced in partnership with Adam Cygan of University of Leicester 19th May
Precedents
1DefinitionsModern Slavery Policy•means the Customer's anti-slavery and human trafficking policy as set out in Schedule [insert] as updated by the...
Read More >
19th May
Practice notes
High-risk third countries trackerOrganisations caught by the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer)...
Read More >
19th May
Practice notes
Active bribery, passive bribery and bribing foreign public officialsThe purpose of this Practice Note is to provide a general understanding of the...
Read More >
Produced in partnership with Joanne Kane of Carmelite Chambers 19th May
Practice notes
Money Laundering Regulations 2017—simplified due diligenceYou may apply simplified customer due diligence (SDD) measures in relation to particular...
Read More >
19th May
Practice notes
Proceeds of Crime Act 2002—key information for businessesThe Proceeds of Crime Act 2002 (POCA 2002) came into force on 24 February 2003. It applies to...
Read More >
19th May
Practice notes
Brexit legislation trackerThis Practice Note tracks the progress of UK legislation introduced as part of the legislative project associated with the...
Read More >
19th May
Practice notes
Tipping-off and prejudicing an investigationThere are several offences of tipping-off and prejudicing an investigation that apply to the regulated...
Read More >
19th May
Precedents
In briefThis precedent links to: •a template created by the UK Information Commissioner’s Office (ICO) of the ‘Set II’ or ‘2004’ EU Standard...
Read More >
19th May
Practice notes
Introduction to retained EU lawThis Practice Note provides an introduction to retained EU law. It provides an overview of the key definitions and...
Read More >
Produced in partnership with Dr. Kieran Laird of Gowling WLG 19th May
Practice notes
SRA Code of Conduct for Solicitors, RELs and RFLs—for in-house lawyersThis Practice Note provides guidance for in-house solicitors on the SRA Code of...
Read More >
19th May
Precedents
1IntroductionThis financial sanctions policy is designed to ensure we comply with applicable financial sanctions laws made under the UK sanctions...
Read More >
19th May
Practice notes
Getting the Deal Through: Merger Control 2021Jurisdictions coveredThe following jurisdictions are covered in this report:Albania; Australia; Austria;...
Read More >
19th May
Practice notes
Working with European lawyers—the Registered European Lawyer (REL) regimeAt 11 pm (GMT) on 31 December 2020, the Brexit transition/implementation...
Read More >
19th May

Most recent Information & data security content

Precedents
Policy—social media (short form)IP COMPLETION DAY: The Brexit transition period ended at 11pm on 31 December 2020. At this time (referred to in UK law...
Read More >
8th Sep
Practice notes
Social media—employment issuesIP COMPLETION DAY: The Brexit transition period ended at 11pm on 31 December 2020. At this time (referred to in UK law...
Read More >
8th Sep
Precedents
Data mapping—internal questionnaireIt is important that we understand what personal data we hold, so we can take steps to protect that data, as...
Read More >
3rd Sep
Precedents
Sample data processing map1Identify and document why the organisation processes personal dataRather than trawling the organisation for personal data...
Read More >
3rd Sep
Precedents
Data protection risk assessment—short form1Background informationAssessment for:[state whether the assessment relates to the whole firm or a specific...
Read More >
25th Aug
Practice notes
Information security—encryptionEncryption is a widely-available information security solution. It is relatively affordable and simple to implement, so...
Read More >
24th Aug
Practice notes
Information security—passwordsPasswords are a widely available method of protecting access to personal data and the systems used to process it. They...
Read More >
24th Aug
Precedents
Patch registerThis Precedent Patch register is designed to help you keep track of the software patches applied in your organisation, and to log any...
Read More >
22nd Aug
Precedents
Information security review1Policies and proceduresICO expectationAdditional guidanceAction points (if any)☐  You have a process to identify, assess...
Read More >
22nd Aug
Precedents
Records retention schedule1Introduction1.1This Record retention schedule accompanies and is incorporated into [insert organisation’s name]’s Records...
Read More >
22nd Aug
Precedents
Version control and document management policy1IntroductionThis policy sets out how [we OR the legal team] ensure[s]:1.1a consistent naming convention...
Read More >
22nd Aug
Precedents
Passwords—quick guide to getting it rightThis quick guide can help you to create a strong password (that you won’t forget) and maintain the best...
Read More >
22nd Aug
Precedents
Information security—code of ethicsAll staff are collectively and individually responsible for information security. This involves knowing and...
Read More >
22nd Aug
Precedents
Data processing registerThis Precedent Data processing register will enable you to keep a record of the personal data you process and how it is...
Read More >
22nd Aug
Precedents
Information audit formInformationWhy is it processed?How is it stored?How is it used?How long is it needed?[Personnel files][To record employment...
Read More >
22nd Aug
Precedents
Clear desk and clear screen policy1Purpose and application1.1This policy sets out the measures you are expected to take to protect personal data and...
Read More >
22nd Aug
Precedents
Information management and security—annual review1General informationDate of review[insert date of review]Person(s) conducting review[insert name or...
Read More >
22nd Aug
Q&As
What can I do to protect confidential information in the workplace?What counts as confidential information?Confidential information is information...
Read More >
16th Aug
Practice notes
Information security—data protection complianceYou must have appropriate security in place to prevent personal data being accidentally or deliberately...
Read More >
16th Aug
Precedents
Website—cybercrime—monitoring form1ReviewName of person(s) conducting review[Insert name(s)]Date of review[Insert date]Number of files/pages added in...
Read More >
15th Aug

Popular documents