Accountability is one of the fair information practices principles. It says that a data controller should be accountable for complying with measures which give effect to the other principles. Accountability is also found in guidance such as the OECD Guidelines; EU, Canadian and U.S. law (among others), and governance such as the APEC Privacy Framework. Despite its repeated recognition as a critical component of effective data protection, how accountability is demonstrated or measured has not been clearly articulated. Accountability does not redefine privacy or replace laws, but shifts the focus of privacy governance to an organization’s ability to demonstrate its capacity to achieve specified privacy objectives.
This guide offers resources to help you determine what accountability means for your organization.
Become an IAPP member now and get access to the full guide on Accountability, plus have the support of the world’s largest association of privacy professionals.
Already a member? Log in now for access to this member-only content.