Data protection raises issues of fundamental importance to all businesses and organisations – and their importance continues to grow.  The reputational damage that can be caused by poor data protection policies or breaches can have devastating consequences. 

When this is combined with the Information Commissioner’s Office more proactive approach in dealing with infractions, data protection is an issue that can't be ignored.

Kingsley Napley helps clients negotiate this area of law and to walk the fine line between business need and compliance. 

We advise on all areas of data protection, including:

  • drafting Data Protection Policies, retention schedules, compliance training;
  • how to deal with and respond to subject access requests;
  • carrying out data protection analysis to help clients draft and implement document retention policies;
  • data transfers including international data transfer and regulatory clearances;
  • data destruction.

In addition Kingsley Napley carries out Data Protection Audits for our clients.  These may be fully comprehensive including a review of all data protection systems, policies and practice including staff awareness and training.  A fully comprehensive review for a large organisation is a significant undertaking and we have the resources and experience to carry out all the stages.

Some companies and organisations may prefer us to carry out much smaller data protection audits limited to specific issues or departments.  We discuss our clients’ needs and devise an audit that suits their requirements and budget. 

The European Union is reviewing the data protection directive from which the UK’s Data Protection Act originates and a new draft directive is anticipated in the summer.  It is expected that the new directive will increase the regulation of the storage and use of data.

Please contact Emily Carter at or Richard Fox at for further information.

"They don't preach law at you – they are creative in finding solutions."

Chambers and Partners 2011