What is LOCS:23?
The Legal Services Operational Privacy Certification Scheme (LOCS:23) is the first sector-wide GDPR certification standard - approved by the Information Commissioner’s Office (ICO), for legal service providers and their solution partners.
It has been specifically developed to assist and support law firms and barristers’ chambers to meet their UK GDPR obligations, and evidence to clients that their data is properly and legally protected.
Who can achieve LOCS:23?
As it is a certification designed for the legal sector, any legal services business or or organisation which supplies to the legal sector can achieve LOCS:23 Certification, including:
- Law firms
- Barristers’ chambers
- In-house legal teams
- Legal software providers
- Other legal solution providers

Our Successful Journey with LOCS:23
Briefed is the only legal services supplier that has achieved LOCS:23
Uniquely, as a supplier to the legal services world, we have undertaken the certification process ourselves, giving us a true understanding of not only what it takes for a business to achieve and maintain this new standard but how effective the standard is.
We supported the first UK Chambers in achieving LOCS:23 Certification
Briefed has supported 30 Park Place, the first UK chambers to achieve the standard, through its entire LOCS:23 journey. As their compliance partner for LOCS:23 and GDPR training, we assisted them in getting certification-ready. We were delighted when they were recently awarded the certification after an extensive audit conducted by ADISA.
Key Benefits for Your Business
The LOCS:23 standard is key as it allows businesses to demonstrate their compliance using a tangible, quantifiable and auditable framework. By implementing this standard, businesses can protect themselves from fines, win more work, reduce data breaches, and show that they comply with industry standards.
Similar to how Cyber Essentials safeguards against online threats, LOCS:23 could soon become a prerequisite for businesses seeking to collaborate with public government bodies. With GDPR compliance a pressing issue in today's supply chain, numerous businesses, particularly financial institutions, are likely to embrace the LOCS:23 Standard to ensure the secure handling of client data.
Briefed as Your LOCS:23 Partner
Our in-house barristers are LOCS:23 consultants with extensive experience helping clients prepare for and pass the certification, having supported the first UK chambers in achieving their LOCS:23 certification.
We have also undertaken the certification ourselves, giving us a true understanding of what it takes for a business to achieve and maintain this new standard.
The LOCS:23 standard is lengthy and detailed, with 55 separately required controls spanning 85 pages. Our experienced barristers are best placed to help you understand exactly how to meet the requirements and the evidence you need to pass the independent audit process.
Our LOCS:23 GDPR training modules are currently the only UK training recognised as meeting the LOCS:23 training requirements by the official LOCS:23 scheme, and as such guarantee that your internal data protection training will meet audit requirements. This training was used to assist the first UK chambers, 30 Park Place, in achieving the LOCS:23 certification.
Our Barrister Implementation Team
Our team has a wealth of experience advising the legal sector on data protection working closely with Bar Councils, Law Societies and other legal regulators for the past 10 years. Our team will assist you in assessing your current compliance levels against the LOCS:23 standard, discussing your internal processes and practices, confirming cyber measures, and providing an action plan to fill in any gaps missing in your compliance.
- Orlagh Kelly, CEO of Briefed & Barrister
- Chris Kelly, In-House Barrister
- Ben Murphy, In-House Barrister
Using our online booking system, you can book a free 30-minute eligibility call, and we will answer all your LOCS:23 questions.
Three Simple Stages to LOCS:23 Certification
Navigating the complex requirements of LOCS:23 compliance, which spans an extensive 85-page document, might seem daunting. By enlisting the expertise of us as your consultants, we will able to simplify the process into manageable steps. Our team of experienced barristers is readily available to provide guidance and support, addressing any concerns or enquiries that may arise during this regulatory journey.
We explain LOCS:23 processes and assess your eligibility. Once we agree on timelines, we review all documentation, discuss cyber security measures, and explore current GDPR processes and practices.
We then provide you with an action plan summarising recommendations, implement missing measures and re-audit. Once completed, we will approve your organisation with 'Certification Ready' status.
You can then apply for full certification. We will assist you through all mandatory reviews, support you during the UKAS Audit, collaborate on marketing, and help you leverage LOCS:23 for a competitive advantage.