Guidance on GDPR

On 25th May 2018 new regulations concerning Data Protection come into force. The General Data Protection Regulation (GDPR) imposes new and stricter obligations on those who handle data. 

This guidance is intended to be a general reference guide to the subject matter and highlight issues. It is not a definitive statement of law and practice nor is it legal or professional advice. 

Appropriate legal advice should be sought if necessary. Unless otherwise stated, it is based on our understanding of English law and practice. The position may be different in other jurisdictions.

Does it affect me?

It is likely that all expert witnesses handle personal data that fall under the ambit of the GDPR. Indeed, the scope and impact of the GDPR are far reaching and the consequences of non-compliance severe; however, many of the GDPR's main concepts and principles are similar to those contained in the existing Data Protection Act 1998 (DPA) and therefore Academy experts who already comply with the provisions of the DPA will have a good starting point.

Your responsibility to keep up to date

It is likely your primary professional body or regulator will have issued guidance which could be helpful in your Expert Witness practice.

The ICO is still updating and issuing guidance and further clarification will inevitably come forth. In the meantime experts should ensure that where they are acting as the processor they confirm that valid consent has been obtained by their instructing solicitor as data controller. Please see our comments contained herein, however, in relation to this.

This Guidance is aimed at Expert Witness work.

It may or may not be applicable to non Expert Witness work that you undertake.

Essentially all work has to be GDPR compliant. 

Remember:

Make and Keep clear records of actions taken
Apart from it being Best Professional Practice you may subsequently need these records to demonstrate you have complied.