Information law for the public sector
From data protection to your policy on smartwatches
We provide advice and assistance to clients in the public and third sectors on all aspects of the law relating to gathering, holding, processing, securing, using and providing access to information.
In the course of its operation, your organisation will gather a substantial amount of personal data relating to suppliers, customers, employees and others with whom it interacts. In doing so, your organisation must comply with the requirements of the legislation which applies to all personal data that you hold in electronic form and (depending on your sector) selected highly structured paper records.
From 25 May 2018, the General Data Protection Regulation (the GDPR) will come into force. The new UK Data Protection Bill will transpose the GDPR and replace the Data Protection Act 1998. Under the legislation the definition of “public authorities” is defined with reference to the organisations that are subject to the terms of the Freedom of Information (Scotland) Act 2002. Anyone falling under this definition should be aware of their additional obligations under the GDPR. The new rules will have an impact on the way in which organisations manage and process any information relating to identifiable or identified individuals.
Those operating in the Public Sector process personal data as part of their statutory functions and day-to-day activities in relation to - for example, employees, constituents, service users, etc - and they will need to take steps to comply with the GDPR before it comes into force.
Our team can help you to comply with the regulations surrounding data to ensure you follow legal requirements and best practice. We can also assist in the event of an investigation by the Information Commissioner’s Office (ICO).
If you are a public authority subject to the the Freedom of Information (Scotland) Act 2002 (FOISA) and the Environmental Information (Scotland) Regulations 2004 (EIRs), we can advise you on handling requests for information, including application of the exemptions, and undertaking reviews.
Information Law is a broad and dynamic area of law covering everything from GDPR and Freedom of Information to cybercrime. Our team can help you to comply with the regulations surrounding data to ensure you follow legal requirements and best practice
Key contacts - get in touch
-
Senior Associate
-
Partner
Why choose us?
Backed by the strength of one of Scotland’s leading law firms, we have in-depth understanding of the sectors in which you operate and can advise you accordingly from our offices in Glasgow, Edinburgh and Inverness.
We provide clear, practical and commercially focused advice, entrenched in a deep understanding of your organisational needs, ensuring that you not only comply with the law but are able to deal with any practical and regulatory issues which arise.
Our services
We can provide you with help and guidance on the following areas of information law:
- BYOD (bring your own device)
- CCTV
- Compliance audits
- GDPR, FOISA and EIR compliance requirements
- GDPR and FOISA policies and procedures, including EIR charging schedules
- Data transfer agreements
- Direct marketing
- Data security
- Data retention schedules
- Entry into data sharing arrangements
- Information governance and records management
- Interface between FOISA and GDPR
- Mobile apps
- Outsourcing and data transfer agreements
- Privacy and cookie policies
- Registration with the ICO
- Requests for information and personal data
- Social media
- Staff monitoring
- Staff training
- Website compliance
- Wearable technology
Work examples
Subject access requests
Advising a third sector organisation on the handling of a complex DPA subject access request involving over 5000 documents.
CCTV systems
Assisting organisations with the implementation of CCTV systems and compliance with DPA requirements.
App Data Protection
Advising an app developer on the data protection provisions to be incorporated into an end-user licence agreement to be entered into by users of the app.
Information Commissioners
Representing clients during investigations conducted by the Scottish Information Commissioner and the Information Commissioner, including representing the first Scottish registered social landlord subject of an application to the Scottish Information Commissioner
Records management
Advising on the Public Records (Scotland) Act 2011 and drafting records, management plans and retention schedules for approval by the Keeper of the Registers of Scotland
Contact us
Call us for free on 0330 159 5555 or complete our online form below for legal advice or to arrange a call back.