Privacy and Data Protection, a leading UK journal on practical data protection compliance issues, has featured in its latest edition an article by Robert Maddox and Stephanie Thomas on the hallmarks of effective data protection by design and default under the EU and UK GDPR. The article encourages organisations to consider incorporating principles of data protection by design and default throughout the lifecycle of products and services that involve the processing of personal data by:
- engaging early in the development stage;
- ensuring cross-stakeholder collaboration to involve research, development, and product teams;
- establishing processes to periodically revisit, review, and revise data protection compliance;
- implementing clear and established design priorities and guardrails, including privacy notices;
- designing for safety;
- documenting considerations and decisions;
- prioritising training and providing ongoing learning opportunities; and
- understanding the international data privacy landscape beyond the EU and UK GDPR.
Several recommendations align with key observations from our coverage of the UK ICO’s 2023 privacy forum on data protection by design and default.
Read the full text of the article here.
The cover art used in this blog post was generated by DALL-E.