All solicitors are processing the personal data of clients, which they and their staff must keep secure to observe the duty of confidentiality. Outcome (7.5) of the SRA Code of Conduct requires firms to comply with data protection legislation. Failure to comply with the statutory and regulatory requirements leaves practices open to disciplinary sanction from the SRA/SDT and enforcement action, including fines up to GBP500,000 from the Information Commissioner. Data Protection Toolkit comprehensively looks at the impact of data protection requirements on all staff, including COLPs and COFAs. It provides a number of easy-to-adapt precedents and templates to ensure that practices meet all of the legal and regulatory requirements to protect personal data. The toolkit takes a holistic approach to data protection obligations in a legal firm and includes information on: systems and processes managing risk managing client information data security and encryption monitoring and auditing compliance.