How UK Top 100 firm Winckworth Sherwood strengthened data protection for GDPR compliance

About Winckworth Sherwood

A member of the Legal 500 UK and relied on by some of the UK’s largest organisations, Winckworth Sherwood (WS) is a full-service law firm with a diverse client base. Since as far back as 1777 the firm has established its reputation for delivering high levels of client service in high value, high profile projects.

Finding an all-in-one solution to manage metadata and stop missent emails

Every file contains metadata, and metadata like author properties and embedded objects have the potential to include personally identifiable information. Global regulations like the GDPR require businesses to keep personal information safe from leaks. Winckworth Sherwood needed to raise awareness about data leak risks and provide appropriate tools to mitigate this. Without accounting for metadata security, sensitive document data can easily be leaked. Information such as Track Changes (e.g., deleted text you thought was gone), hidden text, or comments on documents not intended to be shared can be inadvertently sent.

The other part of the firm’s data protection strategy was managing the risk of missent emails. Christel Aguila, Head of IT at Winckworth Sherwood could see how, without the right tools in place, “it was one of the most dangerous, if not the most common cause of data leaks,” and could end up costing the firm thousands of pounds in fines. Christel recognised that “addressing an email to the wrong person or attaching the wrong file are easy mistakes to make.” The IT service desk has in the past received frantic calls asking if a missent email can be recalled. Unfortunately, once an email has been sent, it’s nearly impossible to undo the damage. Addressing the issue by putting a delay on sending an email isn’t effective. “Even if you remember you made a mistake, it might be too late and there’s nothing you or IT staff can do,” she said.

Read the full case study above.