The GDPR impacts on the giving of references and supplying confidential information
Employers are advised to write a clear policy on the giving of references. The ICO (Information Commissioner’s Office) has said employers should have a clear policy setting out, which employees are authorised to give references and in what circumstances.
Legal
SRA – new focus on “principles” not “rules”
The SRA is focussing on ‘principles’ and ‘professional judgement’ as opposed to ‘rules’ A principle based system is more uncertain than fixed rules and therefore it is more important to legal practices to have a set of recorded systems and controls in place that are applied consistently across the firm. The rules are clear particularly … Read more
Data Processors and the General Data Protection Regulation (GDPR)
Whether you are a Data Controller or a Data Processor you have responsibilities under the General Data Protection Regulation (GDPR). A controller determines the purposes and means of processing personal data, whereas a processor is responsible for processing personal data on behalf of a controller and you are required to maintain records of personal data and processing activities.
Data Protection law and GDPR
On 25 May 2018 most processing of personal data by organisations will have to comply with the General Data Protection Regulation (GDPR). Preparing for the general data protection regulation – 12 steps that you should take now
Data Protection and Subject Access Requests
An increasing number of subject access requests have been made under the Data Protection Act 1998.
Subject access requests are used as tactical ploys as a way of putting pressure on the other side to disclose documents that would not otherwise be disclosable in litigation. Several cases have been
