Orlagh’s team will carry out an information gathering exercise to assess the level of data protection compliance within chambers currently, and how it is meeting the legislative requirements of the GDPR.

Briefed will provide a comprehensive report and action plan in relation to what you need to do internally to achieve compliance which will include recommendations in relation to which polices and procedures you will need to update. The key deliverable is a comprehensive report which typically runs to 40/45 pages. It will outline the requirements of GDPR along with findings of how Chambers is performing and recommendations in relation to areas that require improvement. The recommendations from a first version of a GDPR action plan for discussion around implementation internally. We would normally expect the report to be delivered within 3 weeks of the final interview.

The areas which will be explored:

  1. Data sharing outside the organisation
  2. Policies and procedures
  3. Staff training
  4. What types of data are being processed and why?
  5. Data retention and disposal
  6. Security policies and procedures
  7. Data protection impact assessments
  8. Subject access requests
  9. Data breaches
  10. International transfers of data