Insights Information Commissioner’s Office approves first three UK GDPR certification schemes


Certification was brought in under the UK GDPR to help organisations demonstrate compliance with data protection rules and inspire trust and confidence in the people who use their products, processes and services. Certification provides a framework for organisations to follow, which shows clients and customers that they are adhering to strong standards.

The ICO has approved the criteria for three schemes, which will now be rolled out:

  • ADISA, experts in IT asset disposal services, have developed a standard that ensures personal data has been handled appropriately when IT equipment is re-used or destroyed; and
  • Age Check Certification Scheme (ACCS) has developed criteria for two schemes relating to: (i) age assurance; and (ii) children’s online privacy.

Organisations that achieve the standards set out in these certification schemes can apply to be certified to demonstrate to customers, partners and investors that they have the highest level of commitment to data protection compliance. To read the ICO’s news release in full, click here.