This week is Data Protection week (or as our American colleagues call it – Data Privacy Week), with tomorrow marking the 44th anniversary of Convention 108, the first legally binding international treaty dedicated to safeguarding privacy rights.
Although the Council of Europe launched a Data Protection Day on the 26 April 2006, UK data privacy practitioners tend to mark 28 January as each year, being the anniversary of the origins of data privacy.
This year’s theme is Putting Privacy First, and as part of that it is important to consider “accountability” which affects us all, not just as individuals, as lawyers or data controllers within a work context, but also within our private lives and wider society (with even the media banging the drum).
It is perhaps therefore fitting to highlight the data protection principle of accountability. A term also increasingly circulated over last few years in relation to regulatory compliance within organisational practices, particularly with the move towards holding third parties (including supply chains) responsible not just for data protection and security, but for example scrutinising corruption, modern slavery, AML, and socio-environmental practices.
By taking ownership of and accountability for our data protection practices, we can personally and corporately enhance, data security. Demonstrating data protection accountability and taking control of our data practices, not only once a year but all year round, enables organisations to ensure compliance, data integrity and security and to build relationships of trust, not only with clients and customers, but also with each other.
If you ensure that you foster data accountability to build trust and confidence in your organisation do not be afraid to ask the same standards of your third parties. Be confident – ask those questions, and if they can’t meet the standards you require consider whether you want to put your trust in them!
Author