The GDPR sets new standards for privacy and personal data.
In May 2018, a new European Union (EU) privacy regulation went into effect with broad reaching implications for law firms around the world. The regulation, called the General Data Protection Regulation (GDPR), introduced new requirements on privacy, security, and compliance for organizations that offer goods and services to European Union (EU) residents.
- Enhanced personal privacy rights
- Increased duty for protecting data
- Mandatory breach reporting
- Significant penalties for non-compliance
GDPR: Not just Europe.
The GDPR applies more broadly than many people think. The law imposes new rules on law firms, government agencies, non-profits, and other organizations that offer goods and services to people in EU or that collect and analyze data tied to EU residents — no matter where they are in the world.
GDPR is applicable to law firms of all sizes and practice areas.
Steps to get started with GDPR compliance.
As a Microsoft partner, we can help!
GDPR enforcement begans May 25, 2018. Has your firm taken any steps to comply?
We have the skilled personnel, process knowledge, legal background and Microsoft technology expertise to evaluate your GDPR readiness and help you on your path to become, and stay, compliant.
We not only understand GDPR technical requirements, one of our owners
is a Data Privacy, Compliance & Technology attorney.
Key changes required by the GDPR.
Individuals have the right to:
- Access their personal data
- Correct errors in their personal data
- Erase their personal data
- Object to processing of their personal data
- Export personal data
Controls & Notifications
Law Firms will need to:
- Protect personal data using appropriate security
- Notify authorities of personal data breaches
- Obtain appropriate consents for processing data
- Keep records detailing data processing
Law Firms are required to:
- Provide clear notice of data collection
- Outline processing purposes and use cases
- Define data retention and deletion policies
IT & Training
Law Firms will need to:
- Train privacy personnel & employee
- Audit and update data policies
- Employ a Data
- Protection Officer (if required)
- Create & manage compliant vendor contracts
Microsoft technology forms the basis of our GDPR solution
Process all in one place
Centralize processing in a single system, simplifying data management, governance, classification, and oversight.
Maximize your protections
Protect data with industry leading encryption and security technology that's always up-to-date and assessed by experts.
Streamline your compliance
Utilize services that already comply with complex, internationally-recognized standards to more easily meet new requirements, such as facilitating the requests of data subjects.
We'll wlork with you to uncover risk, and take action
Discover data across systems
- Discover and catalog data sources
- Increase visibility with auditing capabilities
- Identify where personal info resides across devices, apps, and platforms
Govern access and processing
- Enforce use policies and access controls across your systems
- Classify data for simplified compliance
- Respond to data requests and transparency requirements
Protect through the entire lifecycle
- Protect user credentials with risk-based conditional access
- Safeguard data with built-in encryption technologies
- Rapidly respond to intrusions with built-in controls to detect and respond to data breaches
About our GDPR solution:
- Uses Microsoft Technology & Best Practices
- Performed by Law Firm Experts
- Reviewed by a Data Privacy Attorney
Contact Us For You Law Firm GDPR Assessment