What is LOCS:23?
LOCS:23 stands for the Legal Services Operational Privacy Certification Scheme, a new standard approved by the ICO to help legal service providers demonstrate compliance with UK Data Protection laws.
The standard is publicly available via the ICO website, however many legal services providers benefit from the broad legal services industry and data protection experience of our LOCS:23 Consultants, to help them implement robust procedures and achieve LOCS:23 Certification.
Data Controller and Data Processor Certifications
The LOCS:23 standard makes provision for both data controllers and processors with two certification marks available.
LOCS:23 Requirements
Organisations will need to demonstrate compliance with a number of controls in the standard, which are categorised under the following headings:
- 8.1 ORGANISATIONAL AND CLIENT FILE GOVERNANCE
- 8.2 DATA SUBJECT RIGHTS
- 8.3 OPERATIONAL PRIVACY
- 8.4 THIRD PARTY SERVICE PROVIDERS AND DATA SHARING
- 8.5 MONITOR & REVIEW
The standard provides a mapping to UK GDPR Articles, where applicable, as well as alternative controls for processors.
About LOCS:23 Certification
ADISA is the approved certification body for LOCS:23. Find out more.
More information:
