European Data Protection Supervisor
European Data Protection Supervisor

Accountability

Accountability

Accountability is a common principle for organisations across many disciplines; the principle embodies that organisations live up to expectations for instance in the delivery of their products and their behaviour towards those they interact with. The General Data Protection Regulation (GDPR) integrates accountability as a principle which requires that organisations put in place appropriate technical and organisational measures and be able to demonstrate what they did and its effectiveness when requested.

Organisations, and not Data Protection Authorities, must demonstrate that they are compliant with the law.  Such measures include: adequate documentation on what personal data are processed, how, to what purpose, how long;  documented processes and procedures aiming at tackling data protection issues at an early state when building information systems or responding to a data breach; the presence of a Data Protection Officer that be integrated in the organisation planning and operations etc.

In 2015, in anticipation of the GDPR, the EDPS initiated a project to develop a framework for greater accountability in data processing to be applied to our own organisation, as an institution, a manager of financial resources and people - and a controller.

In addition, we have started to promote the accountability principle through visits to small, medium and large EU bodies to explain the new obligations resulting from the revised legal framework and the implications for EU institutions and the EDPS' work as their supervisory authority.

Filters

Pages

09/10/2015
9
Oct
2015

EDPS recommendations on the EU’s options for data protection reform

Europe’s big opportunity, EDPS recommendations on the EU’s options for data protection reform

05/08/2015
5
Aug
2015

Newsletter Nr. 45

The August 2015 edition of the EDPS Newsletter covers EDPS recommendations on the reform of EU data protection legislation, the publication of the 2014 EDPS Annual Report, the EDPS Opinion on Mobile Health and many other EDPS activities.

30/07/2015
30
Jul
2015

Strategy 2015-2019

This report sets out the Strategy adopted by the EDPS for the period 2015-2019. As data protection affects almost every EU policy area and is a key factor in legitimising and increasing trust in EU policies, the new EDPS Strategy aims to provide a framework through which to promote a culture of data protection in the European institutions. It also promotes the idea of toolkits for policymakers to help them develop innovative solutions to data protection challenges.

Video

/file/02march2015png_en02_march_2015.png

Giovanni Buttarelli, EDPS and Frans Timmermans, First Vice-President, 2 March 2015
Giovanni Buttarelli, EDPS and Frans Timmermans, First Vice-President, 2 March 2015
Strategy 2015-2019 - Leading by ExamplePDF icon
Speech by Giovanni ButtarelliPDF icon
Press releasePDF icon
Annual Management Plan 2019 Summary - Promoting a new culture of data protectionPDF icon
27/07/2015
27
Jul
2015

EDPS recommendations on the EU’s options for data protection reform

Europe’s big opportunity, EDPS recommendations on the EU’s options for data protection reform

Annex: Comparative table of GDPR texts with EDPS recommendationsPDF icon
02/03/2015
2
Mar
2015

Leading by Example: EDPS Strategy 2015-2019

This evening, the new European Data Protection Supervisor (EDPS) unveiled his Strategy for 2015-2019 to senior representatives of the EU institutions. Following his appointment three months ago, Giovanni Buttarelli summarised the objectives for his five-year mandate and the actions his Office will take to turn his vision into reality.

25/11/2014
25
Nov
2014

Rebuilding trust in financial services markets: 10 steps for responsible handling of personal information

Data protection can support the European economy, said the European Data Protection Supervisor (EDPS) today, following the publication of his Guidelines on data protection in EU financial services regulation.

24/07/2014
24
Jul
2014

Management of incident or technical fault reports - EP

Letter on the notification for prior-checking concerning "Management of incident or technical fault reports" within the European Parliament (Case 2014-0643)

23/07/2014
23
Jul
2014

Single-member private limited liability companies

Opinion on the Commission Proposal for a Directive of the European Parliament and of the Council on single-member private limited liability companies

06/06/2014
6
Jun
2014

EDPS calls on the Council to make urgent progress on Data Protection Reform

The European Data Protection Supervisor (EDPS) fully appreciates the progress made by the Greek Presidency of the Council on the reform of the EU Data Protection legislation. In particular, we welcome the Council's objective of reaching a general position on the package so as to start negotiations with the Parliament well before the end of 2014.

25/02/2014
25
Feb
2014

EDPS Guidelines on the Rights of Individuals: data protection is essential to good public administration

As part of the action plan laid out in his Strategy 2013-2014 to provide guidance to the EU administration, the European Data Protection Supervisor (EDPS) has published Guidelines on the Rights of Individuals with regard to the Processing of Personal Data.

14/02/2014
14
Feb
2014

Progress on the data protection reform package

EDPS letter to the Council of Ministers regarding progress on the data protection reform package

27/01/2014
27
Jan
2014

EDPS: Active supervision effective in keeping EU bodies on track for data protection

EU institutions are better at complying with data protection rules and privacy principles than ever before. This is the overall message of the EDPS report on his latest general stocktaking exercise, published today.

11/11/2013
11
Nov
2013

Factsheet 3 - Supervising EU institutions and bodies & enforcing data protection principles

/file/factsheet3png_enfactsheet_3.png

When EU institutions and bodies process personal data, they must comply with the principle of accountability and the obligations set out in the EU Data Protection Regulation 45/2001. EDPS Factsheet 3 provides information on how the EDPS works with the EU insitutions to ensure they achieve compliance.

15/03/2013
15
Mar
2013

Data Protection Reform Package

Additional EDPS Comments of on the Data Protection Reform Package
 

Comments of 15 March 2013PDF icon
Letter of 15 March 2013 to Mr Juan Fernando López AguilarPDF icon
23/01/2013
23
Jan
2013

EDPS Strategy 2013-2014 for excellence in data protection by the EU institutions

Yesterday evening, the EDPS presented a report outlining his Strategy for 2013-2014 to senior representatives of the EU institutions. The EDPS outlined the process, aims and results of an extensive analysis, including the main lines of the 2013-2014 Strategy.

12/12/2012
12
Dec
2012
23/11/2012
23
Nov
2012

EDPS: greater accountability of EU institutions and bodies and involvement of DPOs for better data protection

Today, the European Data Protection Supervisor (EDPS) adopted a Policy on Consultations in the field of Supervision & Enforcement which provides guidance to EU institutions and bodies and Data Protection Officers (DPOs) on consulting the EDPS when drawing up measures or internal rules which involve the processing of personal information - also known as personal data - in compliance with the Data Protection Regulation (EC) No. 45/2001.

23/11/2012
23
Nov
2012

Consultations in the field of Supervision and Enforcement

Policy on Consultations in the field of Supervision and Enforcement

14/11/2012
14
Nov
2012

Video-surveillance: Helping EU institutions and bodies to get the message across

Today, the European Data Protection Supervisor (EDPS) issued his report on the findings of some on-the-spot inspections conducted between 15 June and 18 July 2012 on the premises of thirteen Brussels-based EU institutions and bodies.

Pages