RESULTS OF THE INTERNATIONAL REVIEW OF HOW WELL ORGANISATIONS HAVE IMPLEMENTED PRIVACY ACCOUNTABILITY INTO THEIR OWN INTERNAL PRIVACY POLICIES

This year, the Global Privacy Enforcement Network’s (“GPEN”) annual intelligence gathering operation, called a ‘sweep’, looked at how well organisations have implemented the core concepts of accountability into their own internal privacy policies and programmes. Locally, the GRA focussed on privacy accountability in the telecommunications sector.

Participating GPEN members made contact with 356 organisations in 18 countries during the Sweep. The Sweep found that whilst there were examples of good practice, a number of organisations had no processes in place to deal with the complaints and queries raised by data subjects, and were not equipped to handle data security incidents appropriately.