The Information Commissioner's Office (ICO) has launched two services to help organisations implement company policies based on the General Data Protection Regulation (GDPR).
Businesses can now submit proposals to the ICO for GDPR Codes of Conduct or to apply for company Certification Schemes.
The aim is to help businesses demonstrate compliance and accountability with the EU's data regulation.
These are voluntary tools, but are key assets to both data controllers and processors, according to the ICO.
The Code of Conduct is a set of provisions based on the GDPR, such as trade, membership or professional bodies, that help to aid businesses with data protection issues relevant to their sector.
The ICO's Certification Scheme is a separate service that offers businesses tools to enhance trust in their organisation and act as a sign of compliance with the regulation.
"I would encourage any organisation that can speak on behalf of a group of organisations, or who has expertise in developing standards or certification criteria, to have a look at our guidance and speak to us about developing a GDPR Code of Conduct or Certification scheme," said Ian Hulme, ICO director of regulatory Assurance.
"Both mechanisms are a really good way for organisations to show their commitment to complying with data protection legislation and ultimately, build public trust and confidence in their organisation."
More than half of UK businesses were said to not be compliant with EU's data regulation in September 2019, despite it coming into force in 2018. This was according to a report from software firm Egress, which said that 52% of respondents to its survey said they were non-compliant.
The new services may also relieve the pressure on the ICO itself, which reported that its staff had received four times as many reports of personal data breaches during the financial year of 2018/19.
The watchdog reportedly looked into 13,840 cases, compared to 3,311 during 2017/18's financial year.
-
RSAC Conference 2025: The front line of cyber innovationITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job lossesNews With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
Cyber attacks have rocked UK retailers – here's how you can stay safeNews Following recent attacks on retailers, the NCSC urges other firms to make sure they don't fall victim too
-
ICO admits it's too slow dealing with complaints – so it's eying up automation to cut staff workloadsNews The UK's data protection authority has apologized for being slow to respond to data protection complaints, saying it's been overwhelmed by increased workloads.
-
“Limited resources” scupper ICO probe into EasyJet breachNews The decision to drop the probe has been described as “deeply concerning” by security practitioners
-
Surge in workplace monitoring prompts new ICO guidelines on employee privacyNews Detailed guidance on how to implement workplace monitoring could prevent data protection blunders
-
TikTok could be hit with £27m fine for failing to protect children's privacyNews Social media firm issued with a notice from the ICO for potential violations of UK data protection laws
-
What is AdTech and why is it at the heart of a regulation storm?In-depth The UK data regulator has come under heavy fire for consistently delaying much-needed action, privacy groups say
-
ICO crackdown on AI recruitment part of three-year vision to save businesses £100 millionNews ICO25 outlines a fresh approach that involves releasing learning materials, advice, and a new ICO-moderated discussion forum for businesses
-
Clearview AI fined £7.5m over improper use of UK dataNews Australian facial recognition firm collected 20 billion images from the internet without consent in order to build its database
