In order for our site to work, small files called ‘cookies’ have been placed on your device. These mandatory cookies do not process any personal data.
We would also like to use analytics cookies to understand how our site is used by visitors and then use this information to improve our site and the experience of using our site. The service we use is Google Analytics.
Please indicate whether or not you are happy to allow the use of these analytics cookies by selecting one of the options below. You can read more about our cookies before you choose and read our Privacy Notice to find out more information on how we use your personal data
Last updated: 29 November 2020
The Law includes provisions that promote accountability and governance. These complement the Law’s transparency requirements. While the principles of accountability and transparency have previously been implicit requirements of data protection compliance, the Law’s emphasis elevates their significance.
You are expected to put comprehensive, but proportionate, governance measures into place. Good practice tools such as data protection impact assessments (DPIAs) and privacy by design are now legally required in certain circumstances.
Ultimately, these measures should minimise the risk of breaches and uphold the protection of personal data. Practically, this is likely to mean more policies and procedures for organisations, although many organisations will already have good governance measures in place.
What is the accountability principle?
The accountability principle in Section 6(2)(g) requires you to demonstrate that you comply with the data protection principles and states explicitly that this is your responsibility.
How can I demonstrate that I comply?