What is GDPR?
The General Data Protection Regulation (GDPR) is the European Union “Regulation” which serves to protect the personal data of anyone in the EU. GDPR builds on the 1995 European Data Protection Directive, which each EU country interpreted into its own data protection laws, e.g. the UK 1998 Data Protection Act.
From May 2016, the GDPR entered into a 2 year transition period, giving organisations time to understand the new regulation and ensure compliance. This means that on May 25th 2018, the GDPR will be enforced and must be complied with.
How can LEX help?
LEX Chambers Management is fundamental to the operation and success of many key business processes in Chambers. On that basis, we have taken time to review the principles outlined in the GDPR, and more specifically, how LEX can be used to help Chambers comply with their new regulatory obligations.
In recognition of our responsibilities, both in terms of GDPR and relating to our continued commitment to the introduction of innovative new features for our clients, LEX Version 4.212.01 will include a series of GDPR specific new features and improvements.
A broad outline of the areas of compliance the features will assist with are:
Enforced strong passwords (FIPS 140-2 Compliant)
Two Factor Authentication (2FA)
Secure Single-Sign-On (SAML2 Authentication)
More system auditing of access to data
Send to ‘Draft’ email feature, for data review before final send
Secure cloud based file sharing, storage, collaboration – built for business
File sync & secure mobile access to documents, anytime, anywhere
Client Portals – giving clients secure online portals to access and upload case files
Secure Communication – Replace unreliable/unsecure email attachments with secure/automated ShareFile document links.
Secure Communication – Encrypt email messages, not just attachments
Integration with Office 365 for online previewing/editing of documents
Collect e-signatures with ShareFile & RightSignature
Automated document archiving system (with encryption), with additional options for file deletion.
Marketing & Consent
LEX online forms will capture client consent in a GDPR compliant format
Consent will be obtained via a new ‘Double Opt-In’
All relevant consent data will be stored against contacts.