Ian Hulme, Director of Regulatory Assurance discusses the launch of our new Accountability Framework and how organisations can take part in the next stage of its development.
The accountability requirement of data protection legislation might seem at first like a big task.
Organisations must assess the risks they create and take appropriate action. You need to ensure staff are adequately trained, assess your data processing and put data protection at the heart of your organisation. It is more than box ticking or bolt on compliance. It is an opportunity to make data protection a part of the cultural and business fabric of your organisation. It means not only complying with the legislation, but showing it.
Today we’ve launched a practical tool to help organisations manage their approach to privacy and to understand what good accountability looks like.
Our Accountability Framework will help you to set out a roadmap for your organisation, making it easy to see what you need to do and how you can improve.
Data protection compliance is not one size fits all. Our framework has been designed to support organisations to identify the right steps and actions to improve their compliance. It should empower and enable you to embed accountability throughout your organisation.
Successfully embedding accountability will enhance your reputation as a business that can be trusted with personal data. The public are increasingly demanding to be shown how their data is being used and how it is being looked after. They want to know that their personal data is in safe hands, and that you have put in place mechanisms to protect their information.
We understand, as we continue to deal with the COVID-19 pandemic, there are many things for organisations to think about. The framework can help. It sets out questions to challenge your thinking, clear ways to evaluate your current compliance and help you put firm plans in place. It will enable you to not only rebuild data protection and information governance practices, but equip you with tools and reports to help you improve them.
The framework is still in its beta stage. As we continue to consult with stakeholders, we’ll keep improving it further. You can let us know your thoughts on the Accountability Framework or you can register your details to take part in future consultation activities.
Ian Hulme is Director of Regulatory Assurance at the ICO.