Imagine the scene. You’re presenting at the Board meeting. You’ve been thrown Privacy at your organisation. Or maybe you’re their new Privacy consultant. And the Board asks you: ‘So. How are we doing right now? Where are the gaps? What’s your plan to remediate them?’
That’s when many reach for the UK Information Commissioner’s gold-standard benchmark: the Accountability Framework. There are 10 Categories like Leadership, Records, Training and Security. Then there are 77 Expectations (what the ICO would look for you to be doing in each Category). Then the Excel version has 338 Questions or Statements within those Expectations, generating a nice Dashboard. Sorted!
But then the victory starts to fade as it’s a big-old spreadsheet. Someone makes another copy and puts their answers in that. Just navigating is a pain, sharing is worse. If only it was in SaaS, then you could give least privilege access, have no version control issues, navigation would be easy, and sharing the Dashboard would be super simple.
Well – under government licence, we’ve now integrated the ICO’s Accountability Framework into Keepabl! (Technically, we’ve implemented the Accountability Tracker, the Excel version, the most detailed and helpful version, that most people mean when they talk about the Framework.)
We’ve put together a great blog and a short visual Privacy Kitchen video on the Framework to give you a great primer! It’s a hugely popular benchmark against UK GDPR – and EU GDPR as they’re the same at this level, so it’s popular outside the UK as well.
And, because it’s the official benchmark published by the UK’s data protection authority itself, choosing it gives you and your organisation a level of safe harbour (let’s not say privacy shield …) in that the UK ICO can’t fault your choice.
We’ve been asked by so many customers and consultants to incorporate the Framework in Keepabl that we discussed it with the ICO and we’ve gone and done it! It looks great, as you’d expect: navigation is a breeze, the ICO Dashboard looks the same and we’ve added Scores by Keepabl which add a different, very valuable and visual perspective.
And you can upload proof against questions, upload comments, give least privilege access as you wish, and it’s integrated with our native Tasks – everything you’d want from putting the Excel into SaaS.
The Framework is great – and the ICO’s Excel really is a very useful – and free – tool with a great Dashboard. But it really comes alive in SaaS.
Great question – we’ll update it. We may well keep this version as an EU GDPR framework and include any new post-Brexit version as another choice again. But that’s all fine – if you look at our side-by-side Guide to the Brexit GDPR Reforms, you’ll soon see that Article 30 Records are still there, risk assessments are still there, training, leadership, records, risks and Security – all still there. The Framework may change in certain places but we doubt – though we can’t guarantee – that it’ll change much. And you’ll have both anyway!