FREE GDPR Helpline
Call +44 (0) 208 133 2545
Download the Nymity GDPR Accountability Handbook
The accountability principle in Article 5(2) of the GDPR requires organisations to demonstrate compliance with the principles of the GDPR. Article 24 sets out how organisations can do this by requiring the implementation of appropriate technical and organisational measures to ensure that organisations can demonstrate that the processing of personal data is performed in accordance with the GDPR.
Nymity’s research has identified 39 Articles under the GDPR that require evidence of a technical or organisational measure to demonstrate compliance and has mapped these to the Nymity Privacy Management Accountability Framework™ (described below).
The result is the identification of 55 privacy management activities (also called technical or organisational measures) that if implemented, may produce documentation that will help demonstrate ongoing compliance with GDPR compliance obligations. Not all 55 measures will apply to every organisation – rather, organisations will put in place the measures that are appropriate for their organisation (according to the risk-based considerations that run throughout the GDPR).