The GDPR at a glance
The General Data Protection Regulation (GDPR) is a European regulation passed in 2016, with its entry into force within Member States of May 25, 2018.
The GDPR applies to all private or public bodies that collect and process data from EU residents. say personal, even sensitive.
thepersonal dataincludeyour personal coordinatesorprofessional professionals,lifestyle habits,economic dataandfinancial statements,data of connectionandgeolocation. theso-called sensitive dataare related to yourethnic origins,religious convictions,political opinions,orientation,trade union membership,general,biometry,health,penaltiesandnational identification number.
In the context of data prioritization and data-centralization, the GDPR aims to ensure the security and confidentiality of your data and that of your customers.
What impacts for your practice?
As a lawyer, you collect and process personal and sensitive data. As such, you are obliged to comply with the GDPR. This means designating a Data Protection Officer, collecting a minimum of personal data, guaranteeing your customers' rights regarding their data, auditing your internal systems in terms of security and confidentiality, and ensuring that your potential subcontractors. in accordance with the GDPR(cf. GDPR: Prepare 6 steps - Cnil, Practical Guide: Lawyers and GDPR - CNB).
Your obligations also depend on your role in data processing. Indeed, there is an important distinction in the GDPR between the person collecting the data in a specific finality (i.e. Data Controller) and the one who processes them (i.e. Data Processor). Thus, if you store the data you collect (on your computer, USB flash drive, external hard drive, local server, etc.) you are considered both Data Controller and Data Processor. In this case, you must guarantee yourself the security and confidentiality of your data by setting up, for example, a redundancy, backup games, encryption of your data, etc.
This can be complex but especially far from your area of expertise. In addition, in case of non-compliance with the GDPR, you are subject to a fine of up to 20 million euros or 4% of your global turnover (cf. Article 83 of the GDPR).
Jarvis, your dedicated Data Processor
Fortunately at Jarvis, the security and confidentiality of your data has always been at the heart of our concerns, long before the GDPR came. We have always made sure that your data are debated in France in an ultra-secure way (cf. Security and GDPR within Jarvis).
With Jarvis, you no longer have to worry about these security and confidentiality obligations to the extent that we perform this role of Data Processor for you. Indeed, Jarvis provides you with all the guarantees of security and confidentiality of your data in strict accordance with the GDPR. You can focus on managing your files and exchanging peace of mind with your customers. Jarvis takes care of the rest.
locally installed software: be careful!
Many lawyers still use locally installed software (on your computer's hard drive or on your local server). Attention: these software automatically makes you the Data Collector and Processor and thus remind you the daily management of the security and confidentiality of your data! Another major argument in Jarvis's favour over locally installed management software.