Information Commissioner's Office
Blog: Embedding accountability – we want to hear from you
Blog posted by: Ian Hulme, Director for Regulatory Assurance, 28 October 2019.
As a regulator, we can see how the use of personal data has changed over the past few years. There have been innovative technological developments in the public, private and third sector. However, with great innovation comes great responsibility.
Organisations must understand the risks they create for individuals when processing their data and mitigate against those risks. Organisations must be able to demonstrate that they handle personal data appropriately and effectively. These actions are all a part of the data protection requirement of accountability.
The principle of accountability is really about putting data protection at the heart of all personal data processing. It means being crystal clear about data protection responsibilities across the entire organisation; data protection being a boardroom issue and not just the responsibility of the data protection officer; managing risk proactively; and being transparent with people about what you are doing with their data.
We know that many organisations are already working hard at this, and we want to support those committed to getting it right. But we also know that accountability demands real work and a real culture change.
That is why we’re developing an accountability toolkit.
We want to support organisations to demonstrate their compliance with the accountability principle to the ICO, the public or their business partners.
Our proposed accountability toolkit will enable organisations to understand the ICO’s expectations and take responsibility for designing their own accountability programs.
We are planning on launching the framework in 2020, but before we start development we want to hear from you. We are committed to designing a product that is user-led so your views are essential. We would like you to share your views and suggestions on our early ideas and assumptions about the scope, structure and design of an accountability toolkit.
Ian Hulme is Director for Regulatory Assurance at the ICO.
Latest News from
Information Commissioner's Office
Blog: Data ethics and the digital economy19/11/2019 09:10:00
Blog posted by: Simon McDougall, Executive Director – Technology Policy and Innovation, ICO, 18 November 2019.
Blog: Why special category personal data needs to be handled even more carefully15/11/2019 09:10:00
Blog posted by: Ian Hulme, Director for Regulatory Assurance, 14 November 2019.
ICO call for views on the application for powers under the Proceeds of Crime Act11/11/2019 09:10:00
The Information Commissioner invites views on her office being granted access to investigation and other associated powers under the Proceeds of Crime Act 2002 (POCA).
Information Commissioner reminds political parties they must comply with the law ahead of General Election06/11/2019 09:10:00
The Information Commissioner has sent the following letter to the political parties in relation to the use of data in political campaigning.
Blog: Live facial recognition technology – police forces need to slow down and justify its use31/10/2019 13:10:00
Blog posted by: Elizabeth Denham, Information Commissioner, 31 October 2019.
Statement on an agreement reached between Facebook and the ICO30/10/2019 15:10:00
In 2017 the Information Commissioner's Office ("ICO") commenced a formal investigation into the misuse of personal data in political campaigns.
AI Auditing Framework Call for Input: final considerations and next steps29/10/2019 09:10:00
As the initial Call for Input into the development of the ICO AI Auditing Framework comes to an end, Simon McDougall, Executive Director for Technology and Innovation, reflects on some of the overarching themes that have emerged in the first phase of our work.
Data Protection Impact Assessments and AI24/10/2019 10:20:00
Simon Reader, Senior Policy Officer, discusses some of the key considerations for organisations undertaking data protection impact assessments for Artificial Intelligence (AI) systems.