GDPR GP - Mills & Reeve LLP

Download PDF
0 downloads 156 Views 464KB Size Report
Comment
General Data Protection Bill (GDPR) and the new UK. Data Protection ... Our GDPR GP data protection audit and gap analys
GDPR GP Health check Every organisation processes personal data. The EU General Data Protection Bill (GDPR) and the new UK Data Protection Act came into force on 25 May 2018. They promote the importance of data protection and increase the risk of cutting corners on compliance. Failure to comply could cost up to €20million, or 4% of global annual turnover if that is higher. It’s one unwelcome way to trim your bottom line. You need to know how effective your current compliance is. If you are lagging behind, you don’t just need an overview of the new law – you need understandable solutions to get fit to process personal data. This is exactly what we offer at Mills & Reeve. We provide industry leading expertise in an accessible way. We focus on practical steps you can take to get data protection compliance right. We’re not simply going to tell you the consequences of getting it wrong. Our GDPR GP data protection audit and gap analysis highlights areas of non-compliance and helps create a specific action plan to remedy identified gaps in a costeffective way. We don’t over-engineer solutions. We want you to get the maximum from your compliance budget, not drain your resources.

Our service matrix includes: Gap Analysis Workshop Half-day workshop for senior management teams explaining what the organisation will need to do to ensure it is GDPR compliant.

Benefits 

Raises awareness with management teams about the importance of data protection and privacy



Allows questions to be answered in person by an expert



Helps debunk myths about data protection



Encourages knowledge sharing about best practice within your organisation

Contract Amendments

Benefits

The GDPR requires all contracts that cover processing of personal data to contain certain mandatory provisions from 25 May 2018 – even if they were entered into before then. We can help amend all your existing contracts to ensure compliance through a manageable process.



Removes an obvious area of non-compliance



Ensures risk is appropriately apportioned



Takes the pain out of the process



Covers employment contract, where consent clauses will no longer be appropriate

Privacy Notice Update

Benefits

You will have to provide people with more information about what you do with their personal data and why. We can work with you to ensure the right information is relayed.



Helps improve transparency and increase trust



Removes another obvious area of non-compliance



We advise on innovative ways to convey privacy information

Marketing Communications Plan

Benefits

Reports say the changes in law will see the death of direct marketing. It is not easy to refresh consent lawfully from existing contacts. We can work with you to resuscitate your marketing practices.



Helps you quantify and manage the risk of sending direct marketing messages without adequate consent



Can avoid you having to scrap your existing database of contacts

Health Check Hotline

Benefits

We can offer immediate access to data protection experts who are happy to take your call and talk through any concerns you might have about compliance with the complex legislation.



Provides a sounding board – enabling you to quickly check your understanding of a legal point



Provides quick access to partners and senior lawyers

A snapshot of our experience Working with a Central Government Department to address certain GDPR issues as part of the national project to replace the supply chain arrangements

Advising a global technology business on its preparations for the GDPR, including providing GDPRready clauses for a range of contracts. This followed our previous support on a data protection audit

Working with a multi-national charity to develop its policy for addressing GDPR issues through commercial contracts, implemented through an interactive data protection decision tool

Advising universities on the impact of the GDPR and the Data Protection Bill on uses of student and alumni data

Updating supplier contracts for a national regulator and assisting with determination of controllerprocessor arrangements in light of GDPR

Advising multiple sports bodies on practical steps to take to prepare for the GDPR

Drafting a ground-breaking information sharing agreement for the NHS as part of the vanguards initiative

Helping SMEs, including technology solutions providers, deal appropriately with data processing requirements in anticipation of the GDPR

Training management teams for companies within the mid-market businesses on getting data protection right

Get in touch... Richard Sykes

Peter Wainman

Partner

Partner

T +44(0)121 456 8436

T +44(0)1223 222408

[email protected]

[email protected]

Gary Attle

Paul Knight

Partner

Principal Associate

T +44(0)1223 222394 [email protected]

T +44(0)161 234 8702 [email protected]

www.mills-reeve.com/gdpr www.mills-reeve.com Mills & Reeve LLP is a limited liability partnership authorised and regulated by the Solicitors Regulation Authority and registered in England and Wales with registered number OC326165. Its registered office is at Monument Place, 24 Monument Street, London, EC3R 8AJ, which is the London office of Mills & Reeve LLP. A list of members may be inspected at any of the LLP’s offices. The term “partner” is used to refer to a member of Mills & Reeve LLP.