We use cookies to collect and analyse information on site performance and usage to improve and customise your experience, where applicable. View our Cookies Policy. Click Accept and continue to use our website or Manage to review and update your preferences.

Data protection guidance for law firms

27 Aug 2019 / data law Print

Data protection guidance issued for law firms

Guidance is now available for solicitors on how to respond to a data subject access request.

The Intellectual Property and Data Protection Law Committee has prepared notes and a checklist on how to deal with these cases.

The checklist details the steps which must be taken under GDPR rules:

  • Has a person with appropriate seniority been appointed to drive GDPR compliance in the firm?
  • Are staff generally aware of data protection rules?
  • Are staff aware of the consequences of failure to apply data protection rules?
  • Have staff completed basic data protection and basic information security training?
  • Would your staff be able to recognise and respond to a subject access request?
  • Would your staff be able to recognise and respond to a data security breach?
  • Are new staff trained in data protection matters?

Transfers of data

Each firm should also consider and document other matters such as transfers of personal data outside the EEA, special categories of data, data relating to children or minors and processing which causes a security risk such as bank details of clients or counterparties. 

Solicitors can find information regarding their data protection obligations, including precedent documents, here.


Gazette Desk
Gazette.ie is the daily legal news site of the Law Society of Ireland