IN THIS CHAPTER

Seeing how the accountability principle guides everything

Understanding the six specific data protection principles

Exploring the consequences of noncompliance

At the heart of data protection compliance (and aside from the overarching accountability principle) lie these six specific data protection principles:

• Lawfulness, fairness, and transparency
• Purpose limitation
• Data minimization
• Accuracy
• Storage limitation
• Integrity and confidentiality

The GDPR doesn’t introduce many changes to the principles that existed under the previous European data protection legislation. However, in my experience, I find that most small-business owners weren’t familiar with the principles that were in place before the GDPR came into force, so a lot of this is new to them, even if it isn’t new to data protection legislation.

The GDPR and its increased sanctions have focused attention on data protection, making it more important than ever for you to truly understand the GDPR and the six principles — and to reflect this understanding in every element of your business.

Accountability

In addition to the six specific principles, which I describe ...