Industry News

Data protection and workforce diversity collection

09 January 2014

By now, you will be on top of your diversity data collection for the Solicitors Regulation Authority, which legal practices must file by 31 January 2014.

A major concern for all practices is to comply with data protection principles and legislation when publishing diversity data. Those who fail to do so risk being fined by the Information Commissioner up to £500,000. Incidentally, plans have been proposed to impose fines of up to 2% of the worldwide gross revenue of a practice for all data protection breaches from 2015: now is a good time to make sure your frameworks are in place.

In our November newsletter (which members can sign up for) we included a Diversity Monitoring Data Collection Excel Spread sheet. This document can be used to anonymise and collate individual responses in an appropriate format for uploading to MySRA.

Other data protection measures

  • Be aware that filtering data by role category may result in making individuals identifiable, in which case you will need to combine categories or even publish data for the entire firm without a break-down.
  • It is worth noting that small firms or sole practitioners who would fall foul of the Data Protection Act by filing their diversity data are exempt. If this applies, ensure you record the reason via MySRA.
  • If your procedure involved the resaving of questionnaire files to remove the staff member’s name, also check it is removed from the document's properties.
  • Forms returned in paper form should be blanked out and photocopied to remove names, and the originals shredded.
  • Record the name and reference ID in a secure, encrypted or password protected document.
  • The questionnaires themselves should be stored by a similarly secure method/location.
  • Ensure your COLP's email client (e.g. Outlook) is encrypted.
  • Double-check that confidentiality undertakings have been obtained from key individuals who have access to any forms or to the Outlook belonging to the COLP, any person who is an organisation contact or authorised signatory in the firm and any branches of it. We outlined this in October's newsletter.

For a full list of the SRA's requirements, see its Diversity Publication Framework; further information on publishing data is available via the ICO's Code of Practice - Anonymisation: Managing Data Protection Risk.

Don't hesitate to contact your LBS Legal consultant if you require assistance with aggregating or publishing your diversity data. Similarly, contact us if you would like to talk about data protection training for your firm.

Ian Braithwaite
Client Relationship Manager

T: 0845 056 3949
M: 0743 727 4046

For General Enquiries: Email
24 hour Helpline 0845 0563949
or alternatively fill in the contact form below and we will contact you within 24 hours
LBS Legal lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

Latest News

Sign up for our newsletter
and join our mailing list.

Lexcel logo
Our endorsements lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.