Contact FutureLearn for Support
Skip main navigation
We use cookies to give you a better experience, if that’s ok you can close this message and carry on browsing. For more info read our cookies policy.
We use cookies to give you a better experience. Carry on browsing if you're happy with this, or read our cookies policy for more information.
Administration
Administration

The accountability principle

The key concept of the GDPR is that controllers need to be able to show that their processing activities are in line with the data processing principles determined by the GDPR. The accountability principle in Article 5 (2) means that controllers are responsible for and should be able to demonstrate their compliance with the GDPR data processing principles listed in Article 5 (1).

The GDPR furthermore requires that controllers implement appropriate procedural and technical measures to protect personal data. They need to be able to show that they have taken concrete measures within their capacity to meet their obligations Article 24.

But how do controllers show that they have taken appropriate measures and that processing activities are in line with the GDPR? This requires clear evidence, for example:

  • Documentation of comprehensive privacy policies;

  • The appointment of a data protection officer and representatives;

  • Adopting and following codes of conduct or Binding Corporate Rules;

  • Keeping records of all data processing activities.

This evidence needs to demonstrate that concrete steps have been taken to comply with the GDPR provisions in order to meet their obligations.

If you want to know more about this topic, you can read the following two articles below.

Share this article:

This article is from the free online course:

Understanding the General Data Protection Regulation

University of Groningen