Information management and security—regulatory requirements—law firms

Produced in partnership with DG Legal
Practice notes


This Practice Note explains the key regulatory and statutory provisions governing the management and security of information and data, referred to as information management and security.

SRA Requirements

You must keep the affairs of clients confidential unless disclosure is required or permitted by law or the client consents.

The SRA expects you to identify, monitor and manage all material risks to your business.

You are also under a duty to safeguard money and assets entrusted to you by clients and others.

UK General Data Protection Regulation (UK GDPR)

Assimilated Regulation (EU) 2016/679 (UK GDPR) imposes extensive requirements around information security, record-keeping and general information management.

For more guidance, see Practice Note: How to comply with information security requirements and Precedent: Data protection compliance—self-audit.

The UK GDPR security principle

Data security is a cornerstone of the UK GDPR. You must process Personal data in a manner that ensures appropriate security (using appropriate technical or organisational measures), including protection against:

  1. unauthorised or unlawful processing, and

  2. accidental loss, destruction or damage

The UK GDPR calls this

Jurisdiction(s):
United Kingdom