The GDPR and DPA 2018 have already been in force for nearly four months. Here we talk through some of the key learnings since May.
Our experienced data protection and freedom of information solicitors can support co-operatives and mutuals to ensure they comply with complex data protection and freedom of information legislation.
If you are a co-operative or mutual who is storing, copying or transferring personal data or is faced with requests for confidential information, our experienced team of information-law solicitors can support your organisation to ensure you are complying with information law.
When it comes to information law The Data Protection Act 1998 is a key piece of legislation that controls how personal information about individuals is used by organisations, businesses and the Government. Organisations and individuals responsible for using data are bound by the Data Protection Act to follow the data protection principles, which have been put in place to ensure information is:
- Used fairly and lawfully and with a legal ground for processing.
- Used for limited, specifically stated purposes.
- Used in a way that is adequate, relevant and not excessive.
- Kept for no longer than is absolutely necessary.
- Handled according to people’s data-protection rights.
- Kept safe and secure.
- Not transferred outside the European Economic Area without adequate protection for the data-protection rights of individuals.
When the data refers to sensitive information such as ethnic background, political opinions, religious beliefs, health, sexual health or criminal records, there is stronger legal protection.
Another key piece of legislation is The Freedom of Information Act, which provides public access to information held by public authorities. There are two ways in which it does this:
- Public authorities are obliged to publish certain information about their activities.
- Members of the public are entitled to request information from public authorities.
All recorded information that is held by a public authority, such as government departments, local authorities, the NHS, schools and police forces, in England, Wales and Northern Ireland, and by UK-wide public authorities based in Scotland is covered by the The Freedom of Information Act. Information held by Scottish public authorities is covered by Scotland’s own Freedom of Information (Scotland) Act 2002.
Our data protection and freedom of information service
At Anthony Collins Solicitors we work in partnership with our clients to provide clear, practical advice on all aspects of information law and work with you as a co-operative and mutual to ensure that they are working in compliance with legislation.
We understand that you might handle a wide variety of sensitive and confidential personal data and we work closely with you in order to help you to provide effective and efficient solutions to data-protection issues, such as requests for disclosures of personal data to third parties and complex subject-access requests under the Data Protection Act 1998.
When entering into contracts with public-sector bodies, we know that issues can arise and we will support you to resolve any issues in relation to information law. Our information-law team can also provide training on data protection and freedom of information, which is tailored to the organisation and sector in which you operate.
Our experienced team use their extensive sector and legal knowledge to ensure your organisation operates in accordance with the law relating to data protection and freedom of information, including:
- Advice on data security, data breaches and reputation management.
- Drafting of, and advice in relation to, policy documentation, privacy notices, data-processing contracts and data-sharing protocols.
- Advice in relation to requests for disclosure, subject access and applicable exemptions.
- Advice in relation to collection and handling of personal data and, particularly, sensitive personal data and the legal grounds for processing under the Data Protection Act.
- Advice on the direct marketing rules under the Data Protection Act 1998 and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
- Assisting with making Freedom of Information Act (FOIA) requests and advice in relation to the receipt of such requests, including applicable exemptions.
- Advice on privacy affecting technologies such as CCTV.
- Advice in relation to DBS checks and conviction information.
- Review of commercial contracts and advice in relation to Freedom of Information Act and Data Protection clauses, including implications for outsourcing, cloud computing and international data transfers.
We have been recognised for the work we do
In what has been a veritable deluge of data protection-related developments, we now have in our midst, a brand-new, homegrown iteration of data protection legislation; the Data Protection Act 2018.
We are now only a few weeks away from the biggest change to data protection laws in over 20 years. Are you compliant?
To receive invitations to our events, as well as information and articles on legal issues and sector developments that are of interest to you, please sign up to Newsroom.