The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

This checklist is to help sole traders and other small UK organisations. Use it to make sure you and your business comply with your data protection obligations.

Do you or your business:

  • employ more than 250 employees;
  • carry out large scale, regular and systematic monitoring of people (eg online behaviour tracking);
  • carry out large scale processing of special categories of data or data relating to criminal convictions and offences; or
  • carry out processing likely to result in a high risk to people?

If you answered yes to any of these questions, you should refer to the full Accountability Framework for help.

Once you complete the checklist, you receive a short report with practical actions you can take and additional guidance to improve how you deal with data protection in your business.


1. Is someone taking the lead for making sure your business complies with data protection rules?
2. Does everyone in your business understand their roles and responsibilities when it comes to data protection?
3. Do staff know who to contact about data protection concerns?
4. Does the lead person understand the principles of data protection?
5. Have you registered and paid the data protection fee?