Data security

The obligation is to ensure personal data are processed in a manner that provides for appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.

You have to use appropriate technical and organisational measures to achieve that data security. Where an organisation’s computer systems are hacked, it is usually as a result of a failure to meet this obligation. 

To support data security, the GDPR also restricts transfers of personal data outside the EU and requires a whole raft of provisions to be included in any contract under which personal data are processed by one organisation on behalf of another. This requirement applies to all contracts in force beyond 25 May 2018 (irrespective of whether they were entered into before or after that date).

Practical steps to take now

  1. Review who in your organisation has access to records containing personal data (particularly any records containing special categories of personal data) and determine whether it necessary for everyone who currently has access to retain it.
    Consider whether pseudonymisation and encryption of personal data would be sensible – the GDPR and accompanying guidance published to date refer specifically to this.
  2. Plan staff training updates to emphasise the importance of data protection within your organisation.
  3. Ensure any contracts that your organisation has where personal data are transferred to another organisation – which happens where you use a cloud-based software system, for example – are GDPR-compliant (see the information on mandatory provisions for data processing contracts).  
  4. Download our checklist  on mandatory provisions for data processing contracts to ensure you are fully compliant with the regulations.

Main contacts

Contact one of our lawyers to discuss your GDPR concerns.

  • Gary Attle

    Partner

    Gary Attle

    Gary Attle

    Partner

    • +(44)(0)1223 222394
    • Contact Gary

      Contact Gary Attle

      * = required

      Mills & Reeve will use the information you provide in this form in accordance with our privacy policy. We may from time to time send you general updates by email or post that we think you will find of interest. This includes notification of upcoming event and updates or alerts containing relevant legal news. You can update your preferences at any time and will be able to easily unsubscribe from anything that you do not wish to receive.

      Thank you

      Thank you for your enquiry. We will be in touch shortly.

      Close
      Reset form
      Close overlay
    • Cambridge
    Bookmark this page

  • Richard Sykes

    Partner

    Richard Sykes

    Richard Sykes

    Partner

    • +(44)(0)12456 8436
    • Contact Richard

      Contact Richard Sykes

      * = required

      Mills & Reeve will use the information you provide in this form in accordance with our privacy policy. We may from time to time send you general updates by email or post that we think you will find of interest. This includes notification of upcoming event and updates or alerts containing relevant legal news. You can update your preferences at any time and will be able to easily unsubscribe from anything that you do not wish to receive.

      Thank you

      Thank you for your enquiry. We will be in touch shortly.

      Close
      Reset form
      Close overlay
    • Birmingham
    Bookmark this page

  • Peter Wainman

    Partner

    Peter Wainman

    Peter Wainman

    Partner

    • +(44)(0)1223 222408
    • Contact Peter

      Contact Peter Wainman

      * = required

      Mills & Reeve will use the information you provide in this form in accordance with our privacy policy. We may from time to time send you general updates by email or post that we think you will find of interest. This includes notification of upcoming event and updates or alerts containing relevant legal news. You can update your preferences at any time and will be able to easily unsubscribe from anything that you do not wish to receive.

      Thank you

      Thank you for your enquiry. We will be in touch shortly.

      Close
      Reset form
      Close overlay
    • Cambridge
    Bookmark this page

  • Paul Knight

    Partner

    Paul Knight

    Paul Knight

    Partner

    • +(44)(0)16234 8702
    • Contact Paul

      Contact Paul Knight

      * = required

      Mills & Reeve will use the information you provide in this form in accordance with our privacy policy. We may from time to time send you general updates by email or post that we think you will find of interest. This includes notification of upcoming event and updates or alerts containing relevant legal news. You can update your preferences at any time and will be able to easily unsubscribe from anything that you do not wish to receive.

      Thank you

      Thank you for your enquiry. We will be in touch shortly.

      Close
      Reset form
      Close overlay
    • Manchester
    Bookmark this page

Search

Mills & Reeve Sites navigation
A tabbed collection of Mills & Reeve sites.
Sites
My Mills & Reeve navigation
Subscribe to, or manage your My Mills & Reeve account.
My M&R

Visitors

Register for My M&R to stay up-to-date with legal news and events, create brochures and bookmark pages.

Register
Visitor Login

Existing clients

Log in to your client extranet for free matter information, know-how and documents.

Client Extranet

Staff

Mills & Reeve system for employees.

Staff Login

Our use of cookies

To help improve your experience of our website we would like to use cookies. This means we collect some information on your activity while you are on the website. For more information read more about our use of cookies here, your setting can be changed at any time.
Please accept our use of cookies and help us improve your experience.

Accept Cookie settings
Close overlay