13 October, 2020
The Information Commissioner's Office (ICO) has published its Accountability Framework to help organisations manage their data protection compliance and understand how they can comply with the General Data Protection Regulation's (GDPR) accountability principle.
Article 5(2) of the GDPR places an obligation on organisations to be responsible for complying with the GDPR and states that organisations must be able to demonstrate their compliance with the GDPR. This is known as the 'accountability principle'.
Those familiar with the GDPR will be aware that it does not provide an exhaustive list of the measures that need to be in place to demonstrate compliance. Instead, it adopts a risk-based approach under which organisations implement technical and organisational security measures to ensure and demonstrate compliance with the GDPR.
In order to assist organisations with their understanding of the accountability principle, the ICO has launched its Accountability Framework. The framework provides organisations with a way to assess accountability and compliance with the GDPR. The framework is split into the following categories:
The framework can be used for various purposes, including assessing your current compliance with the GDPR, recording and tracking your progress with GDPR compliance, and checking your existing practices against the ICO's expectations.
The framework will be a useful tool for data protection officers and/or information governance teams to assess current levels of compliance and record and track any improvements that are required.
The ICO framework has been released as a 'beta' version and the ICO is currently seeking feedback from organisations on the framework. The first stage of the consultation is open until 02 November 2020.
A copy of the Accountability Framework can be found here - https://ico.org.uk/for-organisations/accountability-framework/
A link to the consultation can be found here - https://wh.snapsurveys.com/s.asp?k=159499456475
For more information contact Bethany Paliga in our Governance, Procurement & Information department via email or phone on 01254 222347. Alternatively send any question through to Forbes Solicitors via our online Contact Form.