GDPR: a data minefield

Posted on 28 March 2018 by Eduardo Reyes. Source: The Law Society Gazette

GDPR: a data minefield

As GDPR approaches on 25 May, Mishcon de Reya data protection and compliance experts Adam Rose and Rowena Herdman-Smith participated in a round table discussion hosted by The Law Society Gazette.

GDPR requires transparency in respect of an organisation’s possession and use of data, which must be for a ‘legitimate process’. If a result can be achieved without processing the data, an alternative method should be deployed.

Adam Rose commented: "I’ve done 13 sessions so far with 50-60 people in each one. It’s been quite an exercise.’ He adds: ‘[Training businesses in preparation to GDPR] has been quite useful in terms of opening people’s eyes to business development opportunities, as well as their own personal practices [where] they assumed everyone was always doing [something] and therefore it was okay."

Rowena Herdman-Smith commented: "In the world of business, you share data with suppliers to help you deliver your services.’ Mishcon de Reya has been educating suppliers: ‘Some of them really don’t know that they are also going to be asked to be compliant with GDPR. Some of them don’t know that they are actually processing data."

Read the full write up of the roundtable discussion here.