Q&As

Do I have to notify clients of a data breach under the SRA Codes of Conduct even where there is no requirement to notify the client of the breach under the UK GDPR?

read titleRead full title

Published by a ÀÏ˾»úÎçÒ¹¸£Àû Practice Compliance expert
Published on: 17 November 2022
imgtext

We are not aware of any specific guidance on this point. However, SRA requirements would apply alongside the UK GDPR and may be applicable even where there is no obligation to take action under UK GDPR. The SRA enforcement strategy points out that information security is of high importance to the public. In the context of parallel actions with other regulators, the SRA gives the example of a data breach, saying that while enforcement of data protection legislation is a matter for the Information Commissioner's Office (ICO), if a data protection breach also involves the disclosure of confidential client information, the SRA would investigate that as a regulatory offence.

For more information on the position under UK GDPR, see the Practice Compliance subtopic: Data breaches—compliance—overview, and in particular Practice Note: How to manage a personal data breach.

Powered by Lexis+®
Jurisdiction(s):
United Kingdom
Related legal acts:

Popular documents

If an email is sent to you in error by an opposing party’s solicitor, what obligations does one have to

If an email is sent to you in error by an opposing party’s solicitor, what obligations does one have to notify the client of its contents? If there is no duty to disclose the contents to the client, is there a duty to let them know that the email has been received but deleted?SRA standards and

Conflicts of interest—law firms and solicitors

Conflicts of interest—law firms and solicitorsConflicts of interest can cause difficult and serious problems for solicitors and law firms, both from a compliance point of view and in your client relationships. If a conflict of interest arises, or there is a risk of one arising in the course of your

Letter to client—substantially common interest

Letter to client—substantially common interestThank you for your instructions to act on [insert description of matter]. We have written to you separately with a [client care OR engagement] letter and our terms of business. The purpose of this letter is to explain our professional obligations in

Client conflicts in conveyancing or property matters—when can you act?

Client conflicts in conveyancing or property matters—when can you act?There are two types of conflict: own interest conflicts (sometimes called solicitor-client conflicts) and client conflicts of interest. This Practice Note explains when you can act if there is or may be a client conflict of