Skip links

GDPR

Testimonials

It has been a pleasure working with Peregrine Law.  Andrew's responsiveness to our business needs and practical advice has been key to  providing a solid basis for our venture.  I am happy to recommend Peregrine for the great value that they bring

Ben Mein CEO, Harness Property Intelligence

The team at Peregrine have over delivered on everything we have given them. Not only do they provide intelligent and insightful advice, they take the time to understand our business and its nuances, ensuring that they are always relevant and commercial.

Nick Whitfield CEO, CityUnscripted

We highly recommend using the team at Peregrine Law. They’ve made an effort to really understand our business and the risk management challenges we face across multiple markets. They are great value.

Henry Watkinson COO, Headstart Advisers

Experts at analysing GDPR risk for businesses and advising on mitigation and process/policy implementation

At Peregrine, we have invested in developing real expertise on data protection and privacy particularly in light of the GDPR.  On 25 May 2018, the General Data Protection Regulation will become effective in all European Union member states and will apply to all organisations operating in the EU (including non-EU businesses who provide goods or services to individuals in the EU). The expectation of the GDPR is that organisations will be fully compliant on that date. There will be no grace period.

There has been a lot of noise around GDPR particularly focusing on the new compliance burden and the penalties for data breaches.  A lot of the coverage has been helpful for businesses but there’s also been scaremongering leading to the relevant UK regulator, the ICO (Information Commissioner’s Office) releasing a statement branding the GDPR as an evolution in data protection, rather than a revolution. This implies that if an organisation is compliant with the Data Protection Act 1998 (DPA) it will be largely compliant with the GDPR.

Complacency is not really an option however for any of us running companies and no one should underestimate the amount of work that may be required before 25 May and beyond.  We are now working with our clients to identify what needs to be done within their businesses and how best to do it.

Our recommended GDPR strategy for clients starts with a simple 3 step process:

  1. Audit/Gap analysis – Peregrine prepares a questionnaire (tailored and relevant to your business in Europe) the answers to which will give us, for example, detailed information on what data you hold, how you hold it, how you process it, who you share it with (including internally across borders).
  2. Recommendations – Peregrine produces a report giving a series of practical recommendations for the client to ensure they are GDPR ready and compliant come 25 May 2018.
  3. Implementation – you, with our support if you want it, then decide how, when and who best to implement the recommendations and lead any requisite changes to policies and procedures.

Please contact our GDPR team leaders Andrew Elishahoff or Richard Collis or any of your usual Peregrine contacts if you’d like to discuss GDPR or any other operational risk management issue.

Related Posts

Key Contacts

Andrew Elishahoff

Corporate & Commercial

+972 50 2556668

+44 (0)20 3858 0800

Richard Collis

Corporate & Commercial

+44 (0)7875 426944

+44 (0)20 3858 0800