Written by Angela Dilks, senior solicitor at Fletchers.
Europe’s data protection rules are have undergone sweeping changes. To keep up with the huge amount of digital data being created, rules have been re-written and are in force. From today, Friday 25th May 2018, the new General Data Protection Regulation (GDPR) has updated personal data rules.
GDPR brings outdated personal data laws across the EU up to speed with an increasingly digital era. The previous data protection laws were put in place during the 1990’s and haven’t been able to keep pace with the levels of technological change.
As GDPR starts to be enforced by data protection authorities it will alter how businesses and public sector organisations can handle the information of their customers. GDPR also boosts the rights of individuals and gives them more control over their information.
Elizabeth Denham, the UK’s information commissioner, who is in charge of data protection enforcement, says she is frustrated by the amount of “scaremongering” around the potential impact for businesses. “The GDPR is a step change for data protection,” she says. “It’s still an evolution, not a revolution”. She adds that for businesses and organisations already complying with existing data protection laws the new regulation is only a “step change”.
When it comes to confidential and highly personal data, law firms store a lot of information. As such, they have a greater responsibility to keep data safe and take accountability for how data is collected, stored and used.
Information security isn’t just a job for the IT department: it’s the responsibility of every single employee. Everyone who comes into any contact with information in any form must follow an agreed approach to ensure its security.
At Fletchers we have implemented a number of policies to ensure that we are compliant and that data held in the company is more secure than it has ever been.