Property - Land Registry -Digital Identity Standard - Safe Harbour - Client ID

This was published on 17th November 2020 by the Land Registry and launched on 12th March 2021. The aim is to promote the development of easy to use, modestly priced, remote and digitally secure options for conveyancers to use with their clients. Relevant for both Domestic Conveyancing & Commercial Property.

To reach ‘safe harbour’, the client must hold a form of evidence that can be checked by interrogating cryptographic security features within the evidence. Conveyancers must check that the evidence is genuine. The conveyancer must make sure the biometric information captured from a ‘liveness check’ matches biometric information in the chip within the evidence.

Property Lawyers representing a transferor, borrower or lessor must connect the client to the property by obtaining two examples from a set list of evidence, and check that the name and address matches the identity.

The standard is not compulsory and other means of identifying parties to a transaction can be used. However, Land Registry says it will not seek recourse for negligence if a conveyancer carries out all the requirements under the standard.

Here is a link to it: https://www.gov.uk/government/publications/encouraging-the-use-of-digital-technology-in-identity-verification-pg81/practice-guide-81-encouraging-the-use-of-digital-technology-in-identity-verification

Support for you

We provide a 'One-Stop-Shop' for Business Support for Law Firms and other Professional Services businesses. Everything to allow the busy partner to get on with the client work. While you're here, may we invite you to take a look at our services & compliance in the drop down menus above. Should you not see what you're looking for then please ask. We will build around what you need. 07887 524507 or [email protected].

How’s Business? As so often happens, the idea of this article came from a conversation. On this occasion it was from a conversation with a new contact on LinkedIn. I normally try to have a chat with a new LinkedIn contact so that we learn a little about each other and our businesses.

So, what do you think of when I ask ‘How’s Business?’? What’s your immediate reaction? Does it momentarily cause you to reflect on your business and how things are going? Does it bring a particular issue to mind? What do you think of the person asking you the question? If you stop to think about how the question affected you then, perhaps, it might affect people of whom you ask that question in a similar way. I’d suggest that it opens the door to a possible conversation.

The next step ought to be that you listen. Amongst other things, I’ve done some training as a coach, counsellor and a mediator. One of the key things in the training is ‘active listening’. This is not just waiting for a gap so that you can express your views. It is not even listening to the content so that you may express your views on what they’ve said. It is also listening to what people are saying around the words, as well as what they’re saying, by not saying certain things. It’s deep listening. It’s listening with empathy, using your experience of life, of their sector of business, with imagination. You’re listening for the deeper things that might be driving how they’re feeling – where the stress or pain points are in what they’re talking about.

In this phase of the conversation you’re not seeking to express too much opinion. Instead you are seeking to explore. So, questions you ask should be open questions. What are those? Questions to which it is difficult to answer with a simple ‘yes’ or ‘no’. Typically, they are questions starting with ‘why’ and ‘how’. In a business context I personally would steer away form asking how they feel about that, as it might come across as a bit weird, but you would be listening out for the points of stress and pain.

Also, listen out for pauses. Resist the urge to fill them. The person with whom you’re speaking may have paused to think or deal with emotion before speaking. Don’t cut them off. Silence can also be a powerful tool to elicit more information. When in private practice as a litigator, I used this in negotiations – let the other side sweat after I’d made a proposal or asked a question. Often, they would feel the pressure to say something, which might cause a concession or some useful information. We feel awkward when the ball has passed to us in a conversation and there is silence. You might subtly be able to use that.

All of this might take some time and is normally best in a one to one situation. It works best, I would say, in a face to face environment, as we speak as much with body language as with our words. However, many of our conversations are now taking place by video call. Then there is the phone as well. I’m sure we have all managed to have a deep conversation by phone – so it can be done. We will have to adapt and learn how to use the medium.

So why am I going on about this? Well, I would suggest that these 2 words in the question open the door to the possibility of a conversation where you might be proactive about creating opportunities rather than reactive. I was in practice for 24 years, 14 of which as an equity partner of a mid-sized law firm. Since setting up HCL in 2014 I have worked with over 300 law firms. My perception is that most solicitors are reactive. They wait for clients to approach them with a request for assistance, effectively delivering a job to them on a plate. Yes, they may invest in advertising, which is a way of driving more requests for work to them. What most are not good at is working their own client base. Most law firms will have a gold mine of existing and past clients. These are the easiest people from whom to get work or recommendations from which to get more work. (I’ve written people on purpose, because, even in corporate and commercial work, it’s people with whom you have the relationships and who make the decisions.) Instead the firm will hunt for exciting new clients. These cost more to acquire.

As a side issue – does your firm track stats on how much it costs to acquire a new job? Not many do. It’s not something I commonly see as a report in case management systems. It would be very informative. In some practice areas, where the new work most often comes in by advertising, one might have a approximation of this. In most others it is seldom done. Take for example a new business client. Do you take into account the golf days, meetings, lunches, phone calls etc, salary and other overhead costs of the person courting of the client before they come onboard? I recently had quoted to me that a case management system provider has an average new client acquisition cost of £8,000. It makes you think. I would suggest that this should be factored into the profitability calculation of work by client, work type or practice area.

Place against this the cost of acquiring new work from an existing client. Normally much lower. At the very least firms should be sending out a regular newsletter to their client base reminding them that they exist and what they do. That can be done by email for little cost. It’s just nuts if one of your clients goes to another firm just because they couldn’t remember who they used last time they needed legal advice. What happens if your staff get into the habit of asking of their clients (where appropriate) ‘How’s Business?’? Most of their clients will work (you could change it to ‘How’s Work? In some circumstances.). It opens up the possibility that you might learn more from them. The bond you would with them will be deeper and they will trust you more for asking about them beyond the transaction with which you’re dealing. (Solicitors trade on trust.) Knowledge is Power? Well it’s certainly opportunity. You might learn of other aspects in their life with which your firm could assist – if not now, then potentially in the future (keep a note to touch base, with their permission).

Cross-referrals to colleagues. This is a subject for an article in itself, indeed a book. Again, my experience is that law firms, indeed professional services in general, are not good at doing this. I would suggest that your business will be much stronger and more profitable if you have a culture of cross referring, of working as a unit rather than lots of sole practitioners. Changing culture is another huge topic. However, visualise a firm where people are positively encouraged, perhaps even incentivised to actively look for cross referral opportunities in their client base, where the cost of acquisition is measured (work coming from an existing client will cost a fraction of the cost of acquiring a new client in most circumstances), where a regular relationship is maintained with your existing clients. Clients with whom you already have a deep relationship, handling several of their needs, are likely to be much more sticky and indeed willing to pay higher fees, as they perceive more than just price in the value that you deliver.

If this all sounds a bit daunting, you can start with small steps. We recently helped a long-standing client, a law firm which became a client in 2016. We write a monthly newsletter, so we remained in touch. They contacted us when they wanted to move offices earlier this year – a result of them reassessing their property needs in the light of the changing commercial rent environment in the Covid crisis. As well as assisting with changing their letterhead and suchlike, we helped them messaging all existing and past clients to tell them of their new address. When drafting the precedent email, I asked if I might include a paragraph listing the services they provided (which I took for their website). When I contacted my client firm 3 days after the mail merge had gone out, the owner told me that they had already taken 3 new instructions from existing clients as a result, totalling nearly £5,000 net fees!

So – How’s Business?

We have had quite a few aspiring solicitors asking for guidance on this subject - quite understandably. The SRA has published some helpful guidance on this subject. Below are some of the most pertinent points.

However, first of all here is a link to a really useful tool the SRA have put up. It is a decision tree as to whether to take the SQE or LPC route. It's in the form of a series of questions, the answer to which take you to advice.

Our transitional arrangements may already apply to you because you have started or completed a qualifying law degree, the Common Professional Examination / Graduate Diploma in Law or an exempting law degree. . But you can also choose to qualify on the current route or take the SQE, if you have started or completed the LPC, or if you have accepted an offer to start on the LPC, or paid a non-refundable deposit, before 1 September 2021.

Once you have the LPC, to qualify on the current route by 31 December 2032, you'll also need to:

Already have started or accepted an offer of a period of recognised training before 1 September 2021?

If you have started, or accepted an offer to start, a period of recognised training (also known as a training contract) before 1 September 2021, then you can qualify as a solicitor through the current route.

To qualify this way, by 31 December 2032, you'll also need to:

If you are unable to complete a PRT, you can chose to qualify through the SQE.

Period of recognised training offers for non-law students

It is possible that some non-law students may accept the offer of a PRT before 1 September 2021, and before they have been offered a place on a CPE/GDL.

In this case you may start a CPE/GDL programme up until 31 August 2022, and which meet our requirements for the CPE/GDL.

You will need to keep the evidence of your accepted offer in order to be accepted onto the CPE. For example, this could take the form of the exchange of correspondence between you and your training provider, accepting the offer of a PRT.

Equivalent Means

This is a route where you are asking the SRA to look at what you've done and agree that it is equivalent to what you need for an alternative way of qualifying. More info here: https://www.sra.org.uk/students/resources/equivalent-means-information-pack/

Here is the link to the whole SRA article: https://www.sra.org.uk/students/sqe/transitional-arrangements/

Our External QWE Confirming Solicitor Service - assistance for Aspiring Solicitors

Learn here how we can help you get the experience that you have acquired Confirmed so that it counts towards your 2 year requirement under the SQE. https://hunningsconsultancy.co.uk/external-qwe-certification-service-2/

The UK has left the EU and the transition period is set to end on 31st December 2020. Up until then all UK organisations are bound by the General Data Protection Regulation (GDPR). So, what happens after 31st December 2020?

After the end of the transition period the GDPR will be brought into UK law under what’s known as the UK GDPR, which will be supplemented by the Data Protection Act 2018. This UK legislation closely mirrors the GDPR with some changes, especially around transfers of data between the UK and the EU/EAA. UK organisations that have an establishment in the EU or offer goods or services to, or monitor the behaviour of, EU individuals will continue to be bound by the EU GDPR, and may need to review their documentation.

Adequacy – In order to protect individuals’ personal data when it is transferred from the EU to a ‘third’ country i.e. a country outside of the EU, the European Commission looks at the protections offered by that country, in particular its data protection legislation as well as the way that government treats data privacy. If the Commission is satisfied that a third country offers sufficient protection it awards what is known as an adequacy decision. Once an adequacy decision is awarded, transfers can go ahead unhindered, as if they were being transferred within the EU. Once the transition period ends on 31st December 2020, the UK will become a third country, and how data can be transferred from the EU to the UK will depend upon whether the Commission awards an adequacy decision to the UK. This is by no means a forgone conclusion. Discussions are under way but the trade negotiations as well as EU concerns over UK government surveillance leaves a question mark over the likelihood of adequacy being achieved, especially in the short-term. In the absence of such a decision, organisations will need to find different lawful bases for dealing with their EU business, such as standard contract clauses, binding corporate rules etc.

The transfer of personal data from the UK to EU countries can continue as normal after 31st December 2020, because the UK has in effect given the EU an adequacy decision.

EU Representatives – organisations offering goods or services or monitoring the behaviour of individuals in the EU and that have no offices or branches in the EU will, after 31st December 2020, be required to appoint a representative in the EU. Organisations offering products or services to more than one EU country will not need to appoint a representative in each country but normally would to do so in the country where most activity takes place. Contact details for the representative must be included in the organisation’s privacy notice and a written agreement must be in place with the representative detailing the representative’s responsibilities. The representative will be the main point of contact for the local data protection authority/authorities as well as data subjects.

Under the UK GDPR it is intended that organisations outside of the UK that are bound by the UK GDPR will be required to appoint a representative in the UK.

Standard Contract Clauses – traditionally, organisations transferring personal data to countries outside the EEA and where no adequacy decision is in place, have been able to use approved standard contract clauses (SCCs) as a lawful basis for such transfers. The recent Schrems 2 ruling by the Court of Justice of the European Union (CJEU) agreed that SCCs are still valid, but that in order to rely on them organisations need to carry out (on a case by case basis) a risk assessment and consider implementing additional safeguards. SCCs place strict obligations on the parties and in some cases risk assessments may well throw up issues that give cause for concern. The CJEU also put pressure on data protection authorities (in our case the ICO) to be proactive in ensuring organisations comply. Particular difficulties may be encountered by organisations transferring to the USA because any risk assessment will reveal the very issues that led to the demise of the Privacy Shield.

There is a plan to introduce new, updated SCCs at some point but our advice in the meantime is to put SCCs in place, carry out the risk assessment and apply whatever safeguards you can, such as encryption, pseudonymisation.

Contact us if you have questions: [email protected] or 07887 524507

Here is a link to our DPO (Data Protection Officer) Service: https://hunningsconsultancy.co.uk/dpo-service-data-protection-officer/

Here we have gathered together information anda number of useful articles from the Law Society so that you may find them easily in one place. 

The new national lockdown will come into force in England at 12.01am on Thursday 5 November and last until at least Wednesday 2 December. 

In Wales, the restrictions brought in through the national ‘firebreak’ lockdown will continue until 9 November.

But remember - you can Carry on Trading!!

What are the new restrictions in England?

The most relevant points for solicitors include:

  • going to work – everyone who can work effectively from home must do so. Where people cannot do so, they should continue to travel to work/attend their workplace
  • international travel – outbound international travel and overnight stays away from home are to be banned, unless for work purposes. If people must travel, they should follow the quarantine guidelines and relevant travel corridor restrictions
  • courts – courts will remain open unless otherwise stated
  • education – childcare, schools, colleges and universities will remain open and the prime minister stressed school is the best place for children to be
  • vulnerable people – clinically vulnerable people have been asked to follow the restrictions closely as far as possible. New guidance will be published on visits to care homes
  • property market remains open – the housing secretary has given an update on the housing market update ahead of second lockdown:
    • renters and homeowners will be able to move
    • removal firms and estate agents can operate
    • construction sites can and should continue
    • tradespeople will be able to enter homes
    • all must follow the COVID-19 safety guidance
  • key workers – the definition of 'key workers' will be the same as it was in the first lockdown and will therefore cover solicitors if they fall within these categories:
    • advocates (including solicitor advocates) required to appear before a court or tribunal (remotely or in person), including prosecutors
    • other legal practitioners required to support the administration of justice including duty solicitors (police station and court) and barristers, solicitors, legal executives, paralegals and others who work on imminent or ongoing court or tribunal hearings
    • solicitors acting in connection with the execution of wills
    • solicitors and barristers advising people living in institutions or deprived of their liberty

Some articles

Blueprint for law firms and solicitors facing local lockdowns

https://www.lawsociety.org.uk/topics/coronavirus/practical-framework-for-law-firms-and-sole-practitioners-on-return-to-the-office

Coronavirus (COVID-19) information for legal services

https://www.lawsociety.org.uk/topics/coronavirus/coronavirus-covid-19-information-for-legal-services

Guidance to law firms on the Job Support Scheme

https://www.lawsociety.org.uk/topics/coronavirus/guidance-to-law-firms-on-the-job-support-scheme

Ups and downs: lockdown and high street conveyancing firms

https://communities.lawsociety.org.uk/september-2020/ups-and-downs/6001304.article

Why law firm leaders need to take a break

https://communities.lawsociety.org.uk/coronavirus-managing-in-a-recession/why-law-firm-leaders-need-to-take-a-break/6001217.article

Getting back to the office: supporting your people

https://communities.lawsociety.org.uk/coronavirus-managing-in-a-recession/getting-back-to-the-office-supporting-your-people/6001322.article

The Law Society Gazette reports today that the Legal Services Board has approved the SQE - due to start in the autumn of next year.

Uncertainty has been removed. Qualifying as a solicitor will be by this method from the autumn on 2021. Here's a link to the article in the LS Gazette announcing this: https://www.lawgazette.co.uk/news/its-official-lsb-approves-solicitor-super-exam/5106169.article?

For information about the SQE see here: https://hunningsconsultancy.co.uk/the-new-sqe-exam-and-qualification-method/

For information on how you can use the Apprenticeship Scheme to pay for the SQE training costs see here: https://hunningsconsultancy.co.uk/apprenticeships-the-sqe-how-this-can-save-you-money/

For information on how we can help aspiring solicitors with monitoring your QWE see here: https://hunningsconsultancy.co.uk/external-qwe-certification-service-2/

DPO Service:

We are pleased to be able to announce that we are launching this new service for our clients. https://hunningsconsultancy.co.uk/dpo-service-data-protection-officer/ This is another element of our Business Support for Law Firms & Other Businesses. Having a Data Protection Officer for your company is are requirement where you a public body or you handle large amounts of personal data. Examples might be: recruitment companies, call centres, GP surgeries, security companies (eg CCTV footage). Even if the appointment of a DPO is not mandatory under GDPR, the ICO still recommends the appointment of a DPO, or , if you decide not to do so, then a note be made to record the decision and reason. Having a DPO demonstrates your commitment to protecting personal data.

How can we help? Advice & assistance. You may appoint someone outside your organisation. That saves you putting them on the payroll. It allows you to buy the time you need. It frees up a senior staff member to work on other issues. It also means that you have someone independent who is an expert and may state bluntly what needs to be done without fear of how it might affect their prospects in the organisation.  We can also help you when and if you receive a Subject Access Request.

How can we help?

If you would like to discuss our Data Protection Officer services or indeed any issues relating to data protection, please email us at [email protected] or call 07887 524507.

Here is a link to a summary of our DPO Service: https://hunningsconsultancy.co.uk/dpo-service-data-protection-officer/

Here is a link to an article on who has to have a DPO, their role and responsibilities and the source legislation: https://hunningsconsultancy.co.uk/what-does-a-dpo-do-who-needs-one/

What does the DPO do?

In short, help to ensure that your organisation protects the personal data that it handles and remains compliant with GDPR. For some organisations the appointment of a DPO (Data Protection Officer) is mandatory, for others recommended.

The GDPR states that:

“The data protection officer shall have at least the following tasks:

  • to inform and advise the controller or the processor and the employees who carry out processing of their obligations pursuant to this Regulation and to other Union or Member State data protection provisions;
  • to monitor compliance with this Regulation, with other Union or Member State data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;
  • to provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35;
  • to cooperate with the supervisory authority;
  • to act as the contact point for the supervisory authority on issues relating to processing, including the prior consultation referred to in Article 36, and to consult, where appropriate, with regard to any other matter.”

..and further states that “The data protection officer shall in the performance of his or her tasks have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing.”

In terms of the DPO role there are various considerations for organisations to take into account.

What do you have to do to support the DPO?

You must ensure that:

  • the DPO is involved, closely and in a timely manner, in all data protection matters;
  • the DPO reports to the highest management level of your organisation, i.e. board level;
  • the DPO operates independently and is not dismissed or penalised for performing their tasks;
  • you provide adequate resources (sufficient time, financial, infrastructure, and, where appropriate, staff) to enable the DPO to meet their GDPR obligations, and to maintain their expert level of knowledge;
  • you give the DPO appropriate access to personal data and processing activities;
  • you give the DPO appropriate access to other services within your organisation so that they can receive essential support, input or information;
  • you seek the advice of your DPO when carrying out a DPIA; and
  • you record the details of your DPO as part of your records of processing activities.

This demonstrates the importance of the DPO role to your organisation and shows that you must provide sufficient support so they can carry out their role independently. There is a requirement for your DPO to report to the highest level of management and must have direct access at board level in order to give advice so that senior management can make informed decisions in regard to data protection and processing.

 Who must have a Data Protection Officer?

For the following organisations the appointment of a DPO is mandatory under GDPR.

The GDPR states that a Data Protection Officer must be appointed:

  • If the processing is carried out by a public authority or body, except for courts acting in their judicial capacity; So, for example, all local authorities are obliged to appoint a DPO
  • If the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; for example companies working in the data sector, social media companies etc., where they are monitoring a large number of individuals (and this will also include for example the use of CCTV)
  • If the core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 or personal data relating to criminal convictions and offences referred to in Article 10.

The following types of data are defined as ‘special categories of data’ under Article 9 of the GDPR:

  • personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership
  • genetic data, biometric data for the purpose of uniquely identifying a natural person
  • data concerning health, data concerning a natural person's sex life or sexual orientation

There is no definition of ‘large scale’ in the legislation though the ICO advises that “processing may be on a large scale where it involves a wide range or large volume of personal data, where it takes place over a large geographical area, where a large number of people are affected, or it is extensive or has long-lasting effects”. So, it’s likely that the following sorts of organisations will be required to appoint a DPO: most GP surgeries, all hospitals and many companies in the healthcare sector, companies with a very large number of employees, companies using ID verification in large numbers, trade unions, recruitment companies, call centres, security companies (eg, handling CCVT) etc.

 Appointing a Data Protection Officer (DPO) is not mandatory for all organisations, but all organisations are encouraged to at least consider the option of appointing a DPO. Having a DPO demonstrates a commitment to protecting personal data but should also help organisations remain compliant. If you decide not to appoint a DPO then you should clearly document your rationale for this decision. The ICO says “Regardless of whether the GDPR obliges you to appoint a DPO, you must ensure that your organisation has sufficient staff and resources to discharge your obligations under the GDPR. However, a DPO can help you operate within the law by advising and helping to monitor compliance. In this way, a DPO can be seen to play a key role in your organisation’s data protection governance structure and to help improve accountability.”

 Who can be your DPO?

Many people underestimate the importance of the DPO role and the extensive duties and responsibilities that go with the role.

The GDPR states that the DPO “shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices and the ability to fulfil the tasks referred to in Article 39” (see below re tasks of the DPO).

Organisations can appoint a member of staff as their DPO provided they meet the criteria and importantly, provided there is no conflict with their other duties. For example, employees who decide or have influence over the means or manner of processing of personal data cannot be appointed as DPO.

Internal or Outsourced?

Many companies choose to outsource their DPO to ensure independence and to ensure that they are getting the right level of expertise and experience. Often the role will be part-time and partly conducted remotely, but DPO’s must have direct access to senior management and must gain a full understanding of the company’s processing activities, and this is unlikely to be possible without visiting the company’s premises and engaging with employees. Article 38 for example states that “The controller and the processor shall ensure that the data protection officer is involved, properly and in a timely manner, in all issues which relate to the protection of personal data.” Data Protection Officers should also provide or ensure training for all staff involved in processing activities.

Finally, a few FAQ’s

What happened after Brexit, does it dilute the requirement for a Data Protection Officer?

No, the rules will remain the same after the Brexit process is completed as the GDPR will be incorporated into UK law (with some minor changes) under the European Union (Withdrawal) Act 2018.

Can we have more than one DPO?

No, an organisation can only have one named Data Protection Officer, though of course you can have other data protection staff to support the DPO.

Can someone be DPO for more than one organisation?

Yes, a DPO can work for more than one organisation and this will often be the case with outsourced DPOs. Obviously a DPO has a duty of confidentiality and this should be included in any contract with your DPO.

Can we outsource our DPO?

Yes, you can, and in many ways this is a good way to demonstrate independence and avoid any conflict of interest. However, a DPO can be an existing member of staff so long as they have the right level of expertise and are not involved in making decisions concerning the processing of personal data. If you are thinking of appointing a DPO please contact us for an initial chat. 07887 524507 or [email protected]

Is it the responsibility of the DPO to make sure we are compliant with the legislation?

No, the organisation (whether you are a controller or a processor) is responsible for ensuring you are compliant, although clearly the DPO will be highly involved in helping you become and remain compliant

How can we help?

 If you would like to discuss our Data Protection Officer services or indeed any issues relating to data protection, please email us at [email protected] or call 07887 524507.

Here is a link to a summary of our DPO Service: https://hunningsconsultancy.co.uk/dpo-service-data-protection-officer/

For reference, the relevant Articles in the GDPR are given below:

Article 38

Position of the data protection officer

  1. The controller and the processor shall ensure that the data protection officer is involved, properly and in a timely manner, in all issues which relate to the protection of personal data.
  2. The controller and processor shall support the data protection officer in performing the tasks referred to in Article 39 by providing resources necessary to carry out those tasks and access to personal data and processing operations, and to maintain his or her expert knowledge.
  3. The controller and processor shall ensure that the data protection officer does not receive any instructions regarding the exercise of those tasks. He or she shall not be dismissed or penalised by the controller or the processor for performing his tasks. The data protection officer shall directly report to the highest management level of the controller or the processor.
  4. Data subjects may contact the data protection officer with regard to all issues related to processing of their personal data and to the exercise of their rights under this Regulation.
  5. The data protection officer shall be bound by secrecy or confidentiality concerning the performance of his or her tasks, in accordance with Union or Member State law.
  6. The data protection officer may fulfil other tasks and duties. The controller or processor shall ensure that any such tasks and duties do not result in a conflict of interests.

Article 39

Tasks of the data protection officer

  1. The data protection officer shall have at least the following tasks:

(a) to inform and advise the controller or the processor and the employees who carry out processing of their obligations pursuant to this Regulation and to other Union or Member State data protection provisions;

(b) to monitor compliance with this Regulation, with other Union or Member State data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations, and the related audits;

(c) to provide advice where requested as regards the data protection impact assessment and monitor its performance pursuant to Article 35;

(d) to cooperate with the supervisory authority;

(e) to act as the contact point for the supervisory authority on issues relating to processing, including the prior consultation referred to in Article 36, and to consult, where appropriate, with regard to any other matter.

  1. The data protection officer shall in the performance of his or her tasks have due regard to the risk associated with processing operations, taking into account the nature, scope, context and purposes of processing.

How can we help?

 If you would like to discuss our Data Protection Officer services or indeed any issues relating to data protection, please email us at [email protected] or call 07887 524507

Here is a link to a summary of our DPO Service: https://hunningsconsultancy.co.uk/dpo-service-data-protection-officer/

What do I mean and why is it important?

Here I’m talking about creating a situation where all parties feel that they have gained something. Then everyone feels that it is beneficial. They are much more likely to abide by it, work with it and promote it. It’s much more durable.

People talk about creating a WIN-WIN situation but I would argue that you need to aim for the WIN-WIN-WIN. Why? Actually, there is often a 3rd party. Where or who? Imagine that a manager and an employee agree on a course of action that is mutually beneficial to them, but works to the detriment of the company that employs them. Or an adviser refers in another company to provide a service because they will make a fat commission, but that is not in the interests of the end client.

So I always look for the WIN-WIN-WIN in any situation.

Let's look at some examples in the commercial sphere. A client asks you to do something, you provide the service, they pay you.  That’s a WIN-WIN. How could you turn that into a WIN-WIN-WIN?

  1. Perhaps by making it a win for your company, not just in that transaction. You could make sure you learn from what you did, make templates, improve your process, document it, so that next time you could do it better and more swiftly, perhaps for the same or an enhanced charge, thereby improving profit. You could see if you could package the service. A huge one that solicitors and other professional service firms miss is to ask the happy client to recommend you AND to tell them about other services you offer or listen carefully when they are talking to triggers for other things you could help with.
  2. Perhaps the client asks for services you don’t supply. Do you turn them away? Or do you spend just a little time listening to them and then in looking for someone you can recommend to them to provide that service? If the client is asking you, they are offering you the opportunity to create a WIN WIN WIN. Here you are creating goodwill with the client, strengthening the relationship with the people to whom you refer them and indeed there may well be a reward flowing back (it might be monetary or some other method).

A WIN-WIN-WIN will apply to other areas of life than the commercial transactional. Take, for example, the workplace. It is hugely applicable in Change Management. If you can get the people whom you want to change to believe that it is in their interest to change, so they want to do so you have a classic WIN-WIN-WIN: It benefits the manager trying to implement the change, the employee who feels better with it and works with it and the company that needs the change implemented. In Finance/Accounts, if you get to know your client, spend just a bit of time with them then that will help the relationship that can make the transactions work better for you, for them and also for your employer who might then get swifter payment etc.

Maybe you can also apply this to your children, friends etc. It is what a Mediator will seek to achieve in mediation. Then all sides find a deal they can live with – rather than having one imposed by the courts. It applies to international relations – you’ve got to give the losing side something so that they can save face. It applies to negotiations.

So – go and look for your WIN-WIN-WIN and see what you can find!

The MoJ has published a series of documents for the Legal Profession with advice and guidance for when we leave the EU on 1st January 2021. For ease of reference we have published the links to them below. A lot of important issues. 

Some require urgent action - such as if you are an EU qualified lawyer who owns a UK law firm. It seems to indicate that you will have to requalify!

Legal Services Business Owners:

https://www.gov.uk/government/publications/legal-services-business-owners-from-1-january-2021/legal-services-business-owners-after-1-january-2021

General Guidance here for lawyers:

https://www.gov.uk/government/collections/changes-to-legal-practice-from-1-january-2021-guidance-for-legal-professionals?utm_source=9b45471f-cd7c-4e3c-8d84-5edb73b4e98d&utm_medium=email&utm_campaign=govuk-notifications&utm_content=daily

Cross-Border Civil & Commercial Cases:

https://www.gov.uk/government/publications/cross-border-civil-and-commercial-legal-cases-guidance-for-legal-professionals-from-1-january-2021/cross-border-civil-and-commercial-legal-cases-guidance-for-legal-professionals-from-1-january-2021

Divorces involving the EU:

https://www.gov.uk/government/publications/divorces-involving-eu-from-1-january-2021/divorces-involving-eu-from-1-january-2021

Maintenance Cases involving the EU:

https://www.gov.uk/government/publications/maintenance-cases-involving-eu-from-1-january-2021/maintenance-cases-involving-eu-from-1-january-2021

Parental Responsibiliuty involving the EU:

https://www.gov.uk/government/publications/parental-responsibility-involving-eu-from-1-january-2021/parental-responsibility-involving-eu-from-1-january-2021

Family Law Disputes in general:

https://www.gov.uk/government/publications/family-law-disputes-involving-the-eu-guidance-for-legal-professionals-from-1-january-2021/family-law-disputes-involving-the-eu-guidance-for-legal-professionals-from-1-january-2021

"We at Spires Legal wholeheartedly recommend Ingemar and his team at Hunnings Consultancy Ltd. Ingemar has supported us throughout our journey from new start up to established firm. It is refreshing to have a consultant that takes the time to understand your business and its priorities, stands by your side as it develops and is flexible in approach as your needs change.
The feedback we have from our team, and which we regularly hear from others is that Ingemar is an insightful and knowledgeable trainer who is comprehensive yet engaging in his approach. Still unsure? Five minutes on the phone with Ingemar and you will be sold on how much value he can add to your business!"

Arj Arul - Director at Spires Legal

Click here to see more testimonials

Business Support for Law Firms

We will get back to you within 24 hours. For more information and to discuss how our service can work for you;
Call: 07887 524 507 
Fill out our contact form
Send us an email:
[email protected] 
We look forward to speaking to you...

How Can We Help You?

Contact Form Demo (#1)

WHY COMPANIES CHOOSE US

Quality services, in a timely & efficient manner for a reasonable fee. Assisting clients since 2014 as their Trusted Advisers on matters relating to the running of their Business.
list-altphone-squaretwitterfacebookenvelopelinkedininstagramgoogle