| Abstract | Accountability is considered a tenet of privacy management,
yet implementing it effectively is no easy task. It requires
a systematic approach with an overarching impact on the design
and operation of IT systems. This article, which results from a
multidisciplinary project involving lawyers, industry players and
computer scientists, presents guidelines for the implementation
of consistent sets of accountability measures in organisations.
It is based on a systematic analysis of the Draft General Data
Protection Regulation. We follow a systematic approach covering
the whole life cycle of personal data and considering the three
levels of privacy proposed by Bennett, namely accountability of
policy, accountability of procedures and accountability of practice. |
|---|
