It has now been over five years since the GDPR (General Data Protection Regulation) came into force – and with it a major shift in what was expected of organisations when it comes to data protection compliance.

Although the GDPR was originally a European regulation, the standards and principles it set out have been transposed into UK law through the Data Protection Act 2018, which introduced a new UK GDPR.

Since then in the intervening period, employers have navigated the COVID pandemic and massive changes to the way we work with the increase in hybrid working, which has inevitably led to changes in the way they hold and utilise data. From our experience advising clients on their data protection compliance obligations over these last five years, here are our top tips when it comes to managing data protection issues in the workplace:

We often say that compliance is a journey, not a destination. It requires an ongoing commitment and if the team at Burness Paull can help you along the way please do not hesitate to get in touch. In particular, now might be a good time to consider carrying out an organisation-wide privacy audit / compliance “health check” through our newly established Data Protection Consultancy practice. If that sounds of interest, you can contact us here to arrange a time to discuss further.

For further information on how we can assist with any subject access request queries, please see here .

Written by

Related News, Insights & Events

Burness Paull & the Scottish Wholesale Association webinar: The new duty to prevent sexual harassment in the workplace

13/05/2025 - Online

Webinar discussing the new duty to prevent sexual harassment in the workplace.

For Women Scotland Ltd v Scottish Ministers: Supreme Court rules on meaning of “sex"

The Supreme Court has ruled that “man”, “woman” and “sex” in the Equality Act 2010 refer to biological sex, clarifying how sex-based rights apply in law.

Dawn Raids – recovery of evidence in Scotland

An overview of the Dawn Raid in Scotland with key implications of the Section 1 order known as Administration of Justice (Scotland) Act 1972.

Want to hear more from us?

Subscribe here

Advice for the way we live our lives.

Burness Paull is known globally as the go-to Scottish law firm.

Guide: Doing Business in the UK

Legal insights

For Women Scotland Ltd v Scottish Ministers: Supreme Court rules on meaning of “sex"

Events

Tech & IP Conference 2025: Evolution or Revolution?

Topics

Welcome to Burness Paull.

Human and high-performing

Delivering real change for our clients, people and communities

Responsible business lies at the heart of our decision-making.

Firm news

Burness Paull promotes five lawyers to partner

We believe you’re not a tiny cog in a giant machine.

Vacancies

Looking for a workplace that will value your curiosity, passion, and desire to grow?

Don't settle for standard, help us set new ones.

Vacancies

How can we help you today?

Top tips – managing data protection issues in the workplace

It has now been over five years since the GDPR (General Data Protection Regulation) came into force – and with it a major shift in what was expected of organisations when it comes to data protection compliance.

Written by

Related News, Insights & Events

Burness Paull & the Scottish Wholesale Association webinar: The new duty to prevent sexual harassment in the workplace

For Women Scotland Ltd v Scottish Ministers: Supreme Court rules on meaning of “sex"

Dawn Raids – recovery of evidence in Scotland

Want to hear more from us?