With the expertise of our commercial data protection lawyers, as well as a market-leading contentious privacy practice, we advise clients on all aspects of the impending EU General Data Protection Regulation.
Demonstrating compliance with the GDPR requires organisations to develop clear policies and procedures to protect personal data. Insurers and brokers will need to take action to ensure that their current procedures are updated to comply. The GDPR also imposes more stringent requirements for responding to data breaches, including compulsory notification to the ICO within 72 hours in most instances where a breach has occurred.
There are many steps that organisations need to take in order to ensure compliance and protect their data, brand and reputation. These range from reviewing privacy notices and policies regularly, reviewing systems for recording consent to ensure there is an effective audit trail, to embedding privacy into any new processing or product that is deployed.
We work alongside our clients and advise on the adequacy of their procedures and policies, and review contractual documentation. We also provide a market-leading, lawyer-led breach response service (ReSecure), which recently won The Lawyer's Best Client Service Innovation Award. We have extensive experience in managing data breaches, and making the appropriate regulatory and data subject notifications.
So, whether you need advice on designating a Data Protection officer or putting in place policies and procedures to detect, report, notify, investigate and manage data breaches, we are on hand to guide you every step of the way.