What is GDPR?

In April this year, the new General Data Protection Regulation (GDPR) was finalised by EU lawmakers and subsequently published in the Official Journal of the EU (OJEU). With the GDPR now ratified, it’s rapidly rising up the agenda of many law firms. As with any major legislation, there is still considerable misunderstanding around the implications of the regulations and how firms will have to adapt to satisfy new rules. For law firms specifically, the GDPR could have notable ramifications, given that the legal sector is particularly data-heavy – with much of that data sensitive and private.

The GDPR is set to be the most significant development in data protection that Europe has seen in the past 20 years. It will require law firms that store or process data – which is, in reality, all law firms – to build data protection into system design and infrastructure. The regulation comes into full effect on 25th May 2018, giving law firms two years to prepare for significant change. Law firms that don’t use this time to prepare could be in for a nasty shock; failure to comply with the legislation can result in fines of up to 20,000,000 EUR, or 4% of annual worldwide turnover of the preceding financial year, whichever is greater.

How to Prepare for GDPR

In order to help law firms prepare for the impact of GDPR, Trustmarque has partnered with 2twenty4 Consulting – which was founded by Tim Hyman, former CIO of multinational law firms Taylor Wessing and Reed Smith. 2twenty4, in conjunction with Trustmarque, has developed the GDPR Vulnerability Assessment, to help law firms prepare for GDPR requirements by understanding current practices, assessing risk and planning remedial steps to address vulnerabilities. In addition, the companies have developed the ProSec2 SecurityPlus Security-as-a-Service (SecaaS) solution: a comprehensive information security managed service that will help firms achieve the ISO 27001 standard – the international best practice cybersecurity and compliance benchmark.

In today’s world, information security is not just an IT issue, but a business issue. Law firms recognise the need for a full-time security officer to manage compliance and governance, but finding the right people is a challenge and they often lack the skills internally. Trustmarque will be discussing these issues at a co-hosted CIO roundtable, chaired by Tim Hyman, on the 23rd June 2016 at Tower 42 in Taylor Vintners London Offices. The discussion will be followed by refreshments at Vertigo, in Tower 42. The roundtable, which is also supported by Workshare, will explore the impact of GDPR for law firms and what approach to take to ensure compliance.

To find out more about how to become ready for GDPR legislation, please visit www.GDPRready.com