|
Brian Sims
Editor |
| Home> | Security | >IT Security | >GDPR tools to help businesses with compliance |
GDPR tools to help businesses with compliance
02 March 2020
Two key services to help organisations show accountability under the General Data Protection Regulation (GDPR) are up and running.
The Information Commissioner’s Office (ICO) has published guidance for organisations wanting to develop GDPR Codes of Conduct or Certification schemes.
From 28th February, organisations can submit their proposals for GDPR Codes of Conduct or Certification scheme criteria to the ICO for approval.
These two services will be an asset to businesses; helping both data controllers and processors demonstrate compliance with the GDPR.
Ian Hulme, ICO Director of Regulatory Assurance, said: “I would encourage any organisation that can speak on behalf of a group of organisations, or who has expertise in developing standards or certification criteria, to have a look at our guidance and speak to us about developing a GDPR Code of Conduct or Certification scheme.
"Both mechanisms are a really good way for organisations to show their commitment to complying with data protection legislation and ultimately, build public trust and confidence in their organisation.”
Accountability is an important data protection principle and means organisations must be able to demonstrate their compliance with the GDPR. Codes of Conduct and Certification schemes are both described as important voluntary accountability tools.
Codes of Conduct provisions, set out in the GDPR, help organisations – such as trade, membership or professional bodies - to support compliance with data protection issues identified or specific to their sector. Organisations will be able to sign up to an ICO approved Code of Conduct to demonstrate their compliance with data protection legislation. Codes of Conduct can be submitted to the ICO for approval now.
Certification is a separate provision under the GDPR. It will give businesses a tool that they can use to enhance trust in their business and demonstrate their commitment to compliance to their customers.
Scheme criteria can now be submitted for ICO approval. Controllers and processors will then be able to apply to have their personal data processing certified under the relevant scheme.
- NCSC defends UK from 700-plus cyber attacks while supporting national pandemic response
- High Court challenge on surveillance laws begins
- Real-time tracking for firefighter safety
- Latest iteration of British Standard for domestic sprinkler systems published
- Monitor Computer Systems and Facewatch partner in delivering facial recognition to Sentinel
- Javid promises support for Police frontline
- Government proposes duty to protect public spaces from terror
- Amendments to Building Safety Act enforced through Leasehold and Freehold Reform Act 2024
- Government-backed PII scheme for EWS-1 assessors to be delivered by MGAM and SCOR
- DLUHC turns attentions towards fire risk appraisals of external walls
- From the editor
- Blog for FSM website
- Information Commissioner makes key appointments
- BSIA forges closer American links ahead of Brexit
- Fire and Security Association names new chair
- Government wants mergers regime update to protect national security
- Chain wrestling
- Intersec 2018 preview
- Leading brands supporting new Security Event at NEC
- Leading security companies support launch of new security event at the NEC
