ICO invites organisations to submit Codes and Certification schemes
The ICO has published guidance for organisations wanting to develop GDPR Codes of Conduct or Certification schemes. Organisations can now submit their proposals to the ICO for approval.
Ian Hulme, ICO Director of Regulatory Assurance, said:
“I would encourage any organisation that can speak on behalf of a group of organisations, or who has expertise in developing standards or certification criteria, to have a look at our guidance and speak to us about developing a GDPR Code of Conduct or Certification scheme.”
“Both mechanisms are a really good way for organisations to show their commitment to complying with data protection legislation and ultimately, build public trust and confidence in their organisation.”
Despite the UK’s exit from the European Union, it is clear that the ICO and organisations wishing to work within certification schemes across the EU have the benefit of close links with the European Data Protection Board (EDPB). The ICO’s website states: “Across EU member states, the EDPB will collate all EU certification schemes in a public register. There is also scope for a European Data Protection Seal where scheme criteria are approved by EDPB for use in all member states.” [see the certification link below]
The ICO’s guidance on:
- codes, issued on 28 February, after adoption by the European Data Protection Board
- certification, issued on 28 February
See:
- PL&B UK Report January 2020 - Codes of Conduct under the GDPR: Business opportunities? p.1
- PL&B News: ICO’s certification scheme now nearer to being deployed, 23 December 2019.
- PL&B UK Report September 2018 p.14-15
Read more about the development of codes in the upcoming March issue of PL&B UK Report with an update on the work at the Data and Marketing Association (DMA). Subscribe now.