ICO launches two GDPR compliance schemes
Code of Conduct and Certification services aim to help organisations show greater accountability
The Information Commissioner's Office (ICO) has launched two services to help organisations implement company policies based on the General Data Protection Regulation (GDPR).
Businesses can now submit proposals to the ICO for GDPR Codes of Conduct or to apply for company Certification Schemes.
The aim is to help businesses demonstrate compliance and accountability with the EU's data regulation.
These are voluntary tools, but are key assets to both data controllers and processors, according to the ICO.
The Code of Conduct is a set of provisions based on the GDPR, such as trade, membership or professional bodies, that help to aid businesses with data protection issues relevant to their sector.
The ICO's Certification Scheme is a separate service that offers businesses tools to enhance trust in their organisation and act as a sign of compliance with the regulation.
"I would encourage any organisation that can speak on behalf of a group of organisations, or who has expertise in developing standards or certification criteria, to have a look at our guidance and speak to us about developing a GDPR Code of Conduct or Certification scheme," said Ian Hulme, ICO director of regulatory Assurance.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"Both mechanisms are a really good way for organisations to show their commitment to complying with data protection legislation and ultimately, build public trust and confidence in their organisation."
More than half of UK businesses were said to not be compliant with EU's data regulation in September 2019, despite it coming into force in 2018. This was according to a report from software firm Egress, which said that 52% of respondents to its survey said they were non-compliant.
The new services may also relieve the pressure on the ICO itself, which reported that its staff had received four times as many reports of personal data breaches during the financial year of 2018/19.
The watchdog reportedly looked into 13,840 cases, compared to 3,311 during 2017/18's financial year.
Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.
Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.