| Commentary

(8) Accountability framework

The ICO has published an accountability framework to help organisations comply with their data protection obligations. It is divided into the following ten categories and includes expectations and examples of how to demonstrate compliance (see https://ico.org.uk/for-organisations/accountability-framework/):

  1.  Leadership and oversight
  2.  Policies and procedures
  3.  Training and awareness
  4.  Individuals' rights
  5.  Transparency
  6.  Records of processing and lawful basis
  7.  Contracts and data sharing
  8.  Risks and data protection impact assessments (DPIAs)
  9.  Records management and security
  10.  Breach response and monitoring
