It is essential that there is consensus and clarity on the precise meaning and application of organisational accountability among all stakeholders, including organisations implementing accountability and data protection authorities (DPAs) overseeing accountability. Without such consensus, organisations will not know what DPAs expect of them and DPAs will not know how to assess organisations’ accountability-based privacy programs with any degree of consistency and predictability. Thus, drawing from the global experience with accountability to date and from our own extensive prior work on accountability, this paper argues that accountability exists along a spectrum, ranging from basic accountability requirements required by law (such as under the GDPR) to stronger and more granular accountability measures that may not be required by law but that organisations may nevertheless want to implement because they convey substantial benefits.
Download the Paper
Download NowMore like this
Leveraging Data Responsibly: Why Boards and the C-Suite Need to Embrace a Holistic Data Strategy
Find out more
Building Accountable AI Programs: Mapping Emerging Best Practices to the CIPL Accountability Framework
Find out more
Cisco-CIPL Report on Business Benefits of Investing in Data Privacy Management Programs
Find out more
Organizational Accountability in Data Protection Enforcement – How Regulators Consider Accountability in their Enforcement Decisions
Find out more
What Good and Effective Data Privacy Accountability Looks Like: Mapping Organizations’ Practices to the CIPL Accountability Framework
Find out more
