Data protection for public bodies

Data protection and information governance - fixed price legal services for public bodies and local authorities. 

Ensuring that your organisation is compliant with data protection laws and providing advice and assistance when things go wrong.

loading staff

The serious and costly problem facing public sector organisations

Compliance with data protection law is a serious issue. Non-compliance could potentially cost a public body or local authority hundreds of thousands of pounds if that organisation should face legal proceedings for breach of data protection laws. The Information Commissioner’s Office (ICO) – the public body responsible for ensuring compliance – has the power to impose substantial fines where it finds breaches of the legislation. 

There have been many reported cases of the ICO imposing substantial financial penalties on local authorities across the UK for breaching the Data Protection Act 1998.  Currently, the ICO has the power to impose fines of up to £500,000.00 for a breach. 

All public bodies potentially face huge fines and payouts ordered by the courts where complaints and claims are successfully brought against them.  In an age of computer and internet based databases and the ever increasing use of cloud computing and social media platforms, no one is immune from the potential repercussions of a data protection breach. The financial consequences to an organisation could be much greater than you think. You cannot afford to ignore the risks. 

Examples of financial penalties imposed upon public bodies

A £185,000.00 imposed upon an NHS Trust in England for inadvertently publishing the private details of 6,574 members of staff, including their National Insurance number, date of birth, religious belief and sexual orientation.  

A £180,000.00 penalty imposed upon a government department following serious failings in the handling of people’s information.

A £200,000.00 fine imposed upon a public body after laptops containing sensitive personal data were stolen from private premises.

We can help you

If you find yourself facing a complaint, court proceedings or an ICO investigation for breach of data protection or if you are simply keen to ensure that your organisation has adequate procedures in place to minimise the risk of a breach occurring, then we can help. 

Health check - data protection compliance advice, audit services and staff training

If you are not presently facing any complaints or legal claims but you are concerned about your organisation’s compliance with data protection laws, whether your policies and procedures are adequate, whether your staff have adequate training and whether your organisation may be vulnerable, then we can help by reviewing your process and procedures. We can then advise you regarding the areas where you are vulnerable and explain what you should do to minimise the risk. We can also offer bespoke training to your staff to ensure that they are adequately trained to avoid data protection breaches and reduce the risks to your organisation. 

Subject Access Requests (SAR) and Freedom of Information Act (FOI) requests

If you have received a Subject Access Request (SAR) or a Freedom of Information Act (FOI) request and you are unsure about how to deal with it, then we can advise you. It is important to deal with such requests in accordance with the rules specified by the applicable legislation. Failure to do so could lead to complaints and potentially fines being imposed. This could also leave you vulnerable to compensation claims being brought against your organisation in the courts.

Assistance with complaints and ICO investigations

If a customer or client has made a complaint against your organisation about a breach of data protection, then we can help. We can advise you fully about how to deal with a complaint. We can advise you regarding the individual circumstances of the complaint and deal with the matter on your behalf. It is important to respond to complaints adequately and promptly. Failure to respond properly could result in further costly action being taken against your company. 

If a complaint has been referred to the ICO, then we can help you with this. We can advise you fully regarding the complaint and what steps you should take. We can correspond with the ICO on your behalf. 

Assistance with data protection breaches and data protection litigation

If your organisation has breached data protection or if you’re concerned that a breach may have occurred, then we can assist you. We can advise you fully regarding each individual case and assist you in taking the appropriate action. If your organisation is sued or if you have received a letter from a member of the public, or a solicitor acting on their behalf, informing you that they intend to sue your organisation for an alleged breach of data protection, then we can assist. We can advise you fully regarding the claim, how you might be able to defend against it and what you should do in response. We can write to complainants and their solicitors on your behalf and represent you at all stages in the case including any court proceedings and hearings. 

Other areas where we can assist you:

  • Assistance with inter-departmental transfer and exchange of personal data between public bodies
  • Data protection issues relating to internal investigations
  • Protocol Advice
  • Managing risks & privacy/security standards
  • Email policies
  • Internal investigations

Reasons to find out more:

  1. Your organisation and its employees will benefit
  2. It will save you time and worry if things go wrong
  3. It will give you clear direction and control of risks
  4. You’ll be able to budget easily, no hidden costs

Next steps

If you would like assistance in relation to data protection law contact our specialist team now on 0175 321 5096.


We're widely accredited for our work - regulatory & criminal justice

  • Legal 500

It is our business to deliver legal services that work for our clients, you can trust our specialists to take care of things on your behalf. Over the years our regulatory and criminal justice team has been recognised by industry awards and accredited for their excellence.

Memberships & accreditations

8.2 out of 10
Trustpilot logo4-stars on trustpilot Based on count 290

We're Great

It is our business to deliver legal services that work for our clients, and you can trust our specialists to take care of things on your behalf.

Our Trustpilot reviews

Extremely happy with the service. Employees are very helpful and kept me up to date even on the smallest change, this is the best company I have used, strongly recommend the firm, and would definitely use them again.
View from a human rights law & civil liberties client

The IPCC becomes the IOPC - what are the key changes?

As of 8th January 2018, the former Independent Police Complaints Commission changed to the Independent Office for Police Conduct. The change was agreed through the Police and Crime Act 2017. It is certainly not the first time there has been a proposed...

Read more

Twitter block 1 tweet

Everything you need to consider if selling your business in 2018

Whether you want to wind down, or are looking to make a fresh start, 2018 may be the year for you to sell your business. If you’re thinking about selling your business or you are already in talks to do so, it is beneficial for both you and the...

Read more

Data protection team reorder

  • Stuart Crook
  • Carl Johnson

We're always here for you

As an award-winning top 150 law firm, with over 450 staff based in offices across the country, you're never far from the advice you need.

Find your nearest Stephensons office and arrange a meeting

As an award-winning top 150 law firm, with over 450 staff based in offices across the country, you're never far from the advice you need.