Legal Services

Operational Privacy

Certification

Scheme

The ICO approved certification criteria for legal service providers and their solution partners to comply with GDPR.

Article 42 of UK GDPR states:

The commissioner shall encourage the establishment of data protection certification mechanisms and of data protection seals and marks, for the purpose of demonstrating compliance with this Regulation of processing operations by controllers and processors. The specific needs of micro, small and medium-sized enterprises shall be taken into account.

WHY CERTIFY YOUR ORGANISATION?

Promote Client confidence by demonstrating you are certified to protect their personal data.
Have a competitive advantage.
Officially recognised
Apply a recognised, measurable and auditable data protection standard across the organisation.
Save time and resources completing Client data protection questionnaires.
May be used as a 'supplemental measure' for international transfers.
Mitigate against ICO enforcement action (Art 83).
Compliments the ISO 27001 standard for information security.
Continuously updated with emerging ICO guidance and input from LOCS:23 fellows.
Simplify procurement process with LOCS:23 certified vendors.

BREAKING - first certifications awarded

3 STEPS to LOCS:23 CERTIFICATION

1

Plan

Download the LOCS:23 Certification Standard and understand the controls and associated requirements needed for certification. (available as free PDF or hard copy booklet)

2

Get Approval

Ensure you have the LOCS:23 required policies, processes and training in place. Engage with one of our approved Implementors or Qualified Consultancies to provide a gap analysis, assist you in planning for certification and confirm you are ready for certification. Check out our Approved Solutions that have demonstrated their ability to assist with meeting one or more controls in the LOCS:23 standard and may help you in your certification journey.