GDPR Training and Compliance

/GDPR Training and Compliance
GDPR Training and Compliance2018-03-19T15:36:23+00:00

ABC is proud to represent Briefed (TM), and their bespoke and innovative GDPR compliance solution written especially for Members of the Bar, all Chambers’ support staff and the entity of Chambers itself. The unique world of the Bar is well-known to the individuals who, like ourselves, have worked within the Inns for many years, but is often completely misunderstood by others without that experience. Hardly surprising when the complex dynamics and peculiar way (to others) that Chambers operate, is a model that is not repeated elsewhere in industry. This is why ABC truly believe that the Briefed data compliance bundle is the best solution for Chambers. Written by a Member of the Bar GDPR expert, solely for Members of the Bar and sets of Chambers, we are yet to see anything approaching its practicability, ease of use and cost-effectiveness, or any other form of GDPR training that solely focuses on “Life at the Bar”.

ABC is the sole representatives in England and Wales for the Briefed product for Chambers. If you would like to discuss any aspect of the Briefed Data Compliance Bundle for Chambers, you can contact Bill or one of the ABC team. The Briefed website can be found here but please see below for lots of further information about the Briefed products for Chambers. To request a copy of Briefed’s free GDPR Guide for Barristers Chambers, please contact us here.

Briefed is the brainchild of barrister and legal technologist, Orlagh Kelly. For more than five years they have specialised in data protection compliance, providing organisations throughout the UK and Ireland with the framework they need to ensure they are data protection compliant, whether under current legislation or under the new GDPR.

Using their unique combination of legal, tech and real world know-how, they help Chambers and businesses fulfill their data protection obligations through training (both on-line and in-house), consultancy services and data protection certification. Orlagh is fast becoming the go-to person for all things GDPR in the UK. Along with her highly skilled team, she actively seeks to provide solutions to data compliance obligations without hindering the profitability and efficiency of a Chambers. They work with current processes and technology and provide unbiased recommendations should further investment be required.

First and foremost, GDPR is legislation and understanding how to implement legislation requires legal expertise. Created by a barrister, the aim of all the Briefed portfolio of training and compliance products is to ensure that each individual within Chambers genuinely understands how the new legislation impacts upon them and their role, and what they need to do in order to help Chambers stay compliant.

Briefed is well versed in GDPR case law, with an in-depth knowledge of how the Information Commissioner’s Office handle their investigations. Not only do they understand the legal positioning of GDPR but they understand how it is interpreted and what that means for Chambers. They can advise and walk through all aspects of your compliance journey, enabling you to feel confident and secure in the knowledge that come the 25th May, your set will be ready for the GDPR.

To assist chambers, Briefed offer a number of services

1. Online training for chambers staff.

This immediately raises awareness internally, helps prevent errors in dealing with data, assists the staff in guiding barristers and provides some defence to the ICO if there is a data breach. As Elizabeth Denham, the UK Information Commissioner, said in her recent blog “Staff are your best defence and greatest potential weakness – regular and refresher training is a must”.

2. A professional risk assessment/gap analysis.

This flushes out areas of noncompliance or vulnerability which chambers need to address to prevent a data breach, and can be done for an agreed fixed price.

3. Consultancy.

If as a result of a risk  assessment chambers require appropriate policies drafted, new technology sourced etc.,  this can be done at an hourly consultancy rate.

4. GDPR/Data Protection Compliance for individual barristers.

All practicing Barristers need to be compliant  with the current legislation and get ready for GDPR. Barristers are currently exposed to fines of up to £500,000, sanctions by BSB,  and damage to their reputation to name a few. So, although GDPR changes the size of the fines (€20million) the compliance work should actually already be in place. If it is not, each barrister is taking serious risks with their business and the reputation of Chambers as a whole, which they need to fix immediately.

Again, partaking in training implementing the correct documentation and examining areas of risk in their practice will not only reduce risk of a date breach, but will prove some elements of defence in case of an ICO investigation. As barristers are micro businesses Briefed have been able to create a cost effective compliance bundle which barristers can complete themselves, raise compliance and achieve a Data Protection Quality Mark to proffer as evidence of data protection compliance to instructing solicitors, local authorities etc.

Like the staff version, it is ordered into numerous “bite sized” chucks which means the individual does not have to sit down to do it all in one go and they can leave and re-join at any stage. Briefed will provide a nominated Chambers contact with regular updates on who has logged in and begun the course, where individuals are along the pipeline and who has successfully completed the training, making it very easy to manage from a Chambers perspective.

The Gap Analysis and report.

Orlagh’s team will carry out an information gathering exercise to assess  the level of data protection compliance within chambers currently, and how it is meeting the legislative requirements of the GDPR.

Briefed will provide a comprehensive report and action plan in relation to what you need to do internally to achieve compliance which will include recommendations in relation to which polices and procedures you will need to update. The key deliverable is a comprehensive report which typically runs to 40/45 pages. It will outline the requirements of GDPR along with findings of how Chambers is performing and recommendations in relation to areas that require improvement. The recommendations from a first version of a GDPR  action plan for discussion around implementation internally. We would normally expect the report to be delivered within 3 weeks of the final interview.

The areas which will be explored:

  1. Data sharing outside the organisation
  2. Policies and procedures
  3. Staff training
  4. What types of data are being processed and why?
  5. Data retention and disposal
  6. Security policies and procedures
  7. Data protection impact assessments
  8. Subject access requests
  9. Data breaches
  10. International transfers of data