Re Legal Consulting Ltd

takes confidentiality and information security seriously.  

The seventh principle of the Data Protection Act 2018 requires that a Data Controller takes technical and organisational measures against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

The Information Commissioner has indicated that complying with ISO/IEC 27001:2013 - the international standard for Information Security, would fulfil the requirements of the  principles of the Data Protection Act 2018.

Re: Legal Consulting Ltd has sought to align itself with the ISO 27001 standard and has put various measures in place to protect personal data and client information.

These measures include:

Password Policy

Using current password methodology, including the use of passphrases to increase security effectiveness and different passphrases for different applications.


In order to ensure business continuity, we use a hybrid solution of external removable media which is taken off-site and cloud storage.

Email communications

Sensitive personal data and confidential information can be emailed as a password protected or encrypted attachment, where there is no secure communication channel.  Re: Legal can also set up a SharePoint account for the client for the secure communication and storage of documents.

Mobile media

We do not use USB sticks or other removable media and smart phones and iPads are password protected.  We can locate and wipe any information on a lost phone by using MobileMe.  We have a policy not to store sensitive personal data or confidential information on mobile media.

Internet Security

Full internet security suite with automatic updates.

Paper or hardcopy information

We are a paperless office, as far as possible.  In the event that any information is printed it is kept secure and shredded after use.

Organisational Measures

Any third party suppliers are required to agree to and sign a confidentiality agreement and comply with a data processor's policy.

If you have any queries regarding our information security measures please feel free to contact us: