For small practitioners, the GDPR regulations add another layer to the administrative burden carried by the business. However, it is important to view it in a positive light given the sensitive nature of information held on behalf of clients. The regulations ensure that client information is securely stored and businesses who do not adhere to these regulations may face large fines. Businesses must comply with the following rules:
- Ensure to obtain and retain client’s consent
- Keep a note of all third parties storing client’s data
- Review the file at the conclusion of the case and plan a date for the destruction of all sensitive data
It is important to remember that when you collect data such as employment or health information on a client, you need to inform him/her of the following:
- What the data will be used for
- A description of the exact data you are collecting
- How long you intend to keep the data
- Who to contact if he/she has any questions or if he/she would like that data to be removed
If you would like further information on our GDPR policy, please see our Privacy Notice or if you have further queries on this matter, feel free to call us on +353 (42) 933 2362 or email us