The ICO exists to empower you through information.

The Information Commissioner’s Office has approved the fourth set of UK GDPR certification scheme criteria.

The scheme is aimed at training and qualification service providers and will enable their candidates to make informed choices when applying for training programmes, having confidence that their personal data will be processed in accordance with UK GDPR.

This scheme follows three others that have been successfully approved and published on the ICO website; one offering secure re-use and disposal of IT assets and the other two looking at areas including age assurance and children’s online privacy.

“All four of these certification schemes are hugely positive developments for organisations to be a part of. Not only do they offer certainty to businesses to get things right, but they also provide a binding framework for organisations to sign up to, ensuring they raise the bar when it comes to data protection.

“In an era where trust and accountability are paramount, these schemes are a way of reassuring your customers, clients and suppliers that you hold additional expertise in a given area, are committed to building data privacy into your work and adhere to strong standards.

“The newest of these four schemes in particular additionally shows that organisations value their candidates’ personal information and have taken additional steps to protect it.”

- Emily Keaney, Deputy Commissioner

Certification schemes were introduced under the UK GDPR as a way to help organisations demonstrate compliance with data protection requirements and in turn, inspire trust and confidence in the people who use their products, processes and services.

We want to continue encouraging the development, and take up, of a wide variety of data protection certification schemes. So, if you too are an organisation looking to gain both commercial and competitive advantage by developing the next certification scheme, we look forward to speaking to you.