ProvePrivacy Logo | Blue Green

Back to home


Data Protection by Design and by Default

Controls Management | ProvePrivacy | Article Image 2

Data protection by design and by default is primarily the process of putting in place appropriate technical and organisational measures to implement the data protection principles and safeguard individual rights.

Data protection by design is about ensuring data protection and privacy issues are considered upfront in everything you do, and it helps you to comply with the GDPR’s fundamental principles and requirements.  In essence, this means you have to build in data protection into your activities and business practices, from the design stage right through the lifecycle.

Having the ability to demonstrate the technical and organisational measures that you are taking also forms part of your focus on accountability. 

Examples of data protection by design and by default might include:

  • Data protection is considered and monitored as part of new change projects.
  • You do not collect data that is not needed for the process.
  • Systems are protected from unauthorised access
  • Data is protected through security techniques, such as encryption
  • Plain language is used when communicating with data subjects

You might also like

Scroll to Top

Contact us

If you would like to ask more questions or to arrange training, complete the form below and we will respond shortly.

See our Privacy Statement for more details.

Get expert tips and business insights