About us

About us

Who we are
Working with us
Our history
Equity, diversity and inclusion
Senior leadership
Corporate social responsibility
Legal services frameworks
Our regulatory information
About us
What we believe in and why we do it
Find out more
People
Sectors
Overview
Education
Emergency services
Health and justice
Housing
Insurance

Insurance

Select from our range of services
Medical malpractice for insurers
Personal injury
Local government
NHS healthcare

NHS healthcare

Learn more about how we can help you
ProvidersNHS commissioners
Healthcare infrastructure projects
GPs, Dentists & Pharmacists

GPs, Dentists & Pharmacists

Learn more about how we can help you
General practitioners (GPs)Dentists
Pharmacists
Private healthcare
Professional regulatory

Out of hours

24/7 emergency health and social care advice
Our sectors
Go-to advisors
Find out more
Services
Overview

Overview

Learn more about our service areas
Banking and financeClaims handling serviceClinical negligenceCommercial and contractsCorporateEmployment and pensionsGovernanceHousing development and regenerationHousing managementInformation law
InquestsInquiries and investigationsLitigationMedical malpracticeMental capacity and mental healthPersonal injuryProcurementReal estateReal Estate InvestmentRegulatory
HR advisory and consultancy
Capsticks Mediation Services

Out of hours

24/7 emergency health and social care advice
Our services
Learn more about our connected expertise
Find out more
Insights & Events

Insights and events

Insights
News
Events
On-demand webinars
Podcasts
Resources
Diploma in Clinical Risk and Claims Management
Capsticks Housing Diploma
Insights and events
Sign up today
Find out more
Careers

Careers

Vacancies
Trainee solicitors
Apprenticeships
Careers
People first at Capsticks
Find out more
Sign up to our mailings
Contact
Back to insights

Demonstrating data protection accountability

16/10/20


The most useful aspect of the framework is the 'self assessment toolkit' which provides a free-to-use self-inspection system for compliance measures.  As a 'one size fits all' tool, not all of the points within it will be relevant for all organisations, but the framework offers insights into the ICO's approach to audits (which can be requested voluntarily by data controllers, or required by the ICO) and some helpful ways of thinking about 'demonstrable compliance' with many of the key parts of GDPR. 

Many of our healthcare clients will be subject to the Data Security and Protection Toolkit  and the audit arrangements that go with that , but for housing, regulatory and other organisations (or for NHS organisations considering other ways of demonstrating compliance with GDPR), the Framework has some useful tools. 

The ICO welcomes feedback on the Framework. 

If you have any information law questions arising from the Framework or more generally, please let me know.

Accountability is one of the key principles in data protection law – it makes you responsible for complying with the legislation and says that you must be able to demonstrate your compliance.
 
Andrew Latham
PartnerLondon
[email protected]
020 8780 4674
Back to top
Modern Slavery StatementPrivacyDisclaimerUpdate your detailsAccessibilityComplaints policy
We use cookies to ensure you get the best experience on our site. You can learn more about how we use cookies here.
Allow cookiesManage permissions
Necessary Cookies:
Allow Necessary Cookies
Performance Cookies:
Allow Performance Cookies
ok
x