Data protection

  • Overview

    Expert advice in relation to all aspects of data protection information governance, privacy, cyber liability and electronic communications.

    For many organisations information, data and especially personal data are critical to the success of their businesses. Both public and private sector organisations are collecting, holding and processing ever greater amounts of personal data, sensitive personal data and other data in the course of their day to day operations.  This valuable asset should be commercialised effectively and adequately protected.

    The UK Government is committed to upholding information rights in the public interest and protecting the privacy of individuals in respect of their personal data. In an increasingly regulated environment, organisations must be aware of their obligations under relevant legislation including the current Data Protection Act 1998, (the "DPA") and the forthcoming GDPR. The GDPR, with its more stringent rules and increased penalty regime (which may be linked to annual turnover) means that the importance of compliance will become more acute for all organisations.

    Breaches of the DPA and the forthcoming GDPR may lead to significant reputational damage for organisations. Additionally, the financial penalties that can be levied for breaches are becoming increasingly severe. Undoubtedly the future will entail an increase in the data protection compliance obligations of all organisations that collect, hold and/or process personal data as part of their operations (both home and abroad).

    Weightmans' expert team provides advice in respect of a full range of data protection and information governance related issues including:

    Data Protection and e-commerce issues

    • GDPR compliance audits
    • Access to and use of personal data
    • Cyber liability and security breach management
    • Data sharing and information sharing protocols
    • Data subject access requests
    • ICO investigations and litigation
    • Employment related issues
    • International data transfers
    • Social media and CCTV
    • E-marketing
    • Cookies and cookie policies

    We have a significant practice advising a wide variety of clients on data protection and information governance matters, ranging from sole traders to multinationals. We regularly advise major data providers on complex and technical issues in this area.

    We have particular experience advising insurance industry bodies on data issues including the set up of fraud detection services, such as databases holding detailed claims data. Recent examples include our advice provided to the Motor Insurers’ Bureau in relation to the MyLicence Project (a major data sharing project supported by the UK Government, DVLA and ABI).

    We regularly act for a wide variety of clients, both in the public and private sectors, ranging from retail businesses, to data providers, to insurers and insurance industry bodies, to healthcare providers, universities, police forces and local authorities, to providers of short term loans and automotive companies.


    Protecting personal data is key for us and we found that when working with Weightmans we were able to find watertight solutions to data protection questions in critical areas such as data sharing and data security. 
    Kaushik Patel, Head of Risk and Compliance, Motor Insurers' Bureau

    Main Contact
    Is your smart meter spying on you?

    Is there a risk of smart meters being used to gather digital data that could fall in to the wrong hands? Simon Colvin assesses the threat.

    Simon Colvin
    Simon Colvin Partner
    GDPR Countdown Week 10: Privacy Notices

    12 Week Countdown to GDPR continues…

    Public sector case law update

    With numerous important judgements passed recently, we have summarised recent cases with links provided to the full judgments and our legal updates…

    Peter Wake
    Peter Wake Partner

    GDPR Countdown Week 11: Data Protection Basics

    With 11 weeks now to go until GDPR becomes law, this is our second short piece on the most important aspects of GDPR.

    Mark Leach
    Mark Leach Partner

    Big Data means big challenges – and opportunities

    The era of Big Data means insurers must balance the benefits with increasing responsibility. The burden of responsibility will undoubtedly increase…

    Sean Crotty
    Sean Crotty Partner

    Employers vicariously liable for data breach

    Employers could be vicariously liable for misusing employee’s data even if they had done all they reasonably could to prevent it.

    Martin Forshaw
    Martin Forshaw Partner

    GDPR: what to do when a data breach occurs

    The General Data Protection Regulation will introduce strict new reporting and record-keeping requirements in relation to data breaches.

    GDPR: Can we still rely on employee consent to process data?

    The implementation date for the General Data Protection Regulation (“GDPR”) is beginning to loom large on the horizon (25 May 2018).

Share on Twitter