Why accountability is important in data protection

data protection accountability and responsibility

When the GDPR came into force (almost a year ago) it introduced a new data protection principle (or rule): Accountability. The accountability principle essentially says it’s not good enough that you think you’re compliant with data protection laws, you have to prove it.  It’s spread throughout the GDPR: Documentary evidence of processing activities Contracts between …

Read moreWhy accountability is important in data protection

Who’s looking after your data protection compliance?

Data protection never takes a holiday

In March 2019 a First-tier Tribunal was held between Farrow and Ball Ltd and the Information Commissioner’s Office (ICO). In its work to chase down organisations that are not paying the new data protection fee (as required by the Data Protection (Charges and Information) Regulations 2018 which came into force in UK law at the same …

Read moreWho’s looking after your data protection compliance?

Calls for views on data protection for journalists code

ICO consults on journalism code

The ICO are seeking views on a data protection code of practice for journalists use of personal data. In a blog article the ICO speaks about the rights of individuals’ data applying to journalism just as for any other purpose, but noting “protecting freedom of expression, and the inherent public interest in a free press, …

Read moreCalls for views on data protection for journalists code

ICO updates its GDPR certification guidance

GDPR certificaton schemes

The Information Commissioner’s Office has updated its guidance regarding certification schemes under GDPR. Section 5 of the GDPR sets out approaches towards codes of conduct and certification, with Article 42 specifically addressing certification. Simply put the regulation suggests the implementation of data protection certification schemes to provide a way for data controllers and processors to …

Read moreICO updates its GDPR certification guidance