GDPR Readiness @ Law Firms
Wolters Kluwer’s ELM Solutions recently conducted a survey of law firms to understand their readiness for the historic General Data Protection Regulation (GDPR) regulatory change. The results show some work still needs to be done.
More than 90% of respondent law firms characterized data security as a high priority. As a reflection of that, 67% provide data security training annually or have provided it in the last 3 years. Despite that emphasis on security, however, fewer than half of firms – only 43% – have appointed a Data Protection Officer (DPO) to oversee General Data Protection Regulation compliance and 40% say they do not have a specific process or plan in place for GDPR compliance at all.
Even more concerning is our finding that only 39% feel their firm is very prepared to meet the regulation by May 25, 2018. This is perhaps a reflection of the stringent nature of the legislation, which necessitates a major undertaking for law firms and other organizations. GDPR is composed of 99 Articles that dictate how and why personally identifiable information (PII) can be collected, along with the methods for processing, securing and accessing PII.
Source: ELM Solutions