GDPR Compliance

Under the General Data Protection Regulations (“GDPR”) and Data Protection Act (“DPA”), businesses and organisations will have to take a number of steps to achieve compliance.

In order to demonstrate compliance with the GDPR and, perhaps more importantly, to mitigate any enforcement action by the Information Commissioner’s Office, businesses should put in place:

  1. Policies and procedures in respect of their processing of personal data
  2. Test their systems and procedures regularly
  3. Training the staff appropriately

In a bit more detail, this means the business will need to have in place:

  1.  Privacy notices (both internal and external)  telling staff and the outside world what they are doing with their personal data.
  2. A data handling policy which sets out the businesses policies and practices staff must follow when handling personal data. This document will protect the business if a staff member acts beyond their powers and causes a data protection breach.
  3. Processing agreements in any situation when a controller / processor relationship arises. This document is required under the GDPR and will have a list of prescriptive clauses that must be contained within it setting out the responsibilities of the processor to the controller.
  4. A data protection officer (if required under the GDPR).
  5. A process to consider international transfers of personal data to ensure they are lawful by, for example, putting in place standard contractual clauses or other appropriate safeguard.
  6. A process to test their internal reporting pathways so if, for example, a data subject access request is received at reception there is a pathway to make sure it is provided to the responsible individual in order it can be dealt with in the required timeframes.
  7. A process to regular test the security of personal data including the IT systems and physical security at the business premises.
  8. A training program to ensure staff are aware of their responsibilities and are adequately trained in relation to data protection.

 

Have you read our GDPR Guides?

Everything you wanted to know but never dared to ask.

FULL PDF -> Step by Step guide to achieve GDPR Compliance.

FULL PDF -> GDPR Everything you NEED to know 

FULL PDF -> Do I need a Data Protection Officer? 

 

Data, IT & Technology Team

  • All departments
  • Agricultural Law
  • Brexit
  • Careers
  • Co Co - Employee Share Schemes
  • Co Co - Recovery & Insolvency
  • Co Co - Restructuring
  • Co Co Corporate Governance
  • Co Co Corporate lending
  • Co Co Financial Services
  • Co Co Franchising
  • Co Co GDPR
  • Co Co in-house legal support
  • Co Co International Contracts
  • Co Co M&A's
  • Co Co MBOs & MBIs
  • Co Co Partnership and LLPs
  • Co Co Regulatory, Compliance & Competition
  • Co Co Shareholders Agreements
  • Co Co Terms and Conditions
  • Co Co- Intellectual Property
  • CoCo - Banking and Finance
  • CoCo - New Businsess
  • CoCo Competition Law
  • CoCo Consumer Law
  • CoCo Data Protection - Marketing
  • CoCo Data, IT & Technology
  • Commercial Law
  • Commercial Property
  • Construction
  • Corporate & Commercial
  • Corporate Law
  • Debt Recovery
  • Dispute Resolution
  • Disputes - Business
  • Disputes - Declarations of trust
  • Disputes - Probate and inheritance
  • Disputes - Professional negligence
  • Disputes - Restrictive Covenants
  • Disputes - Shareholders & Partnership
  • Disputes - Tenants in Residential Property
  • Disputes - Wills, trusts & probate disputes
  • Disputes and Small Claims
  • Disputes Construction
  • Disputes with Co-owners
  • Divorce
  • Employee - Termination
  • Employer - Termination
  • Employment
  • Employment - Business protection
  • Employment - Collective consultations
  • Employment - Contracts, services, consultancy
  • Employment - Employee benefits
  • Employment - Employee Procedures
  • Employment - Equality, discrimination and harassment
  • Employment - Family Friendly Rights
  • Employment - GDPR and Data Protection
  • Employment - Post employment obligations
  • Employment - Redundancy & Reorganisation
  • Employment - Settlement Agreements
  • Employment - Tribunal Claims
  • Employment - TUPE
  • Employment - Wages, holiday and sick pay
  • Employment - Workers rights
  • Employment Tribunal claims
  • Estate Administration
  • Expat Legal Services
  • Family Law
  • Financial Services
  • GDPR
  • Help to Buy
  • Immigration law
  • International Legal Services
  • Key Property Contacts
  • Land and Property Disputes
  • Land, development and construction
  • Lasting Powers of Attorney
  • Leasehold
  • Licensing Law
  • Money, Tax and Inheritance
  • New Build Conveyancing
  • Private Wealth and Inheritance
  • Professional Negligence
  • Property Finance
  • Property Law
  • Residential Property
  • Residential Property - Completions
  • Residential Property - Shared Ownership
  • Trainee Solicitor
  • Wills, Trusts & Probate

Latest news & insights

+44 (0)1276 686 222

Email: info@herrington-carmichael.com

Farnborough
Brennan House, Farnborough Aerospace Centre Business Park, Farnborough, GU14 6XR

Reading (Appointment only)
The Abbey, Abbey Gardens, Abbey Street, Reading RG1 3BA

Ascot (Appointment only)
102, Berkshire House, 39-51 High Street, Ascot, Berkshire SL5 7HY

London (Appointment only)
60 St Martins Lane, Covent Garden, London WC2N 4JS

Privacy Policy   |   Legal Notices, T&Cs, Complaints Resolution   |   Cookies  |   Client Feedback   |  Diversity Data

 

 

Our Services

Corporate Lawyers
Commercial Lawyers
Commercial Property Lawyers
Conveyancing Solicitors
Dispute Resolution Lawyers
Divorce & Family Lawyers
Employment Lawyers
Immigration Law Services
Private Wealth & Inheritance Lawyers
Startups & New Business Lawyers

Pay Online >

Please be aware that we have no plans to change our bank details. If you receive any indication that any of our bank details have changed please contact us before sending us any funds. We take no responsibility for monies you transfer into the wrong bank account.

© 2024 Herrington Carmichael LLP. Registered in England and Wales company number OC322293.

Herrington Carmichael LLP is authorised and regulated by the Solicitors Regulation Authority with registration number 446245.