Email Twitter LinkedIn Google Plus Hamburger
Incident Response
Get in touch

Data Protection by Design and Default – What does that mean?

It’s almost a year since the Data Protection Act 2018, incorporating the GDPR, came into force. While the new mandatory requirements, not unexpectedly, are taking time to become part of everyday business, it seems the phrase “data protection by design and default” is still causing confusion and there’s a lack of progress in embracing this ideal.

What does data protection by design and default mean exactly? In simple terms it’s embedding data protection into your processes and the way you do business. Another way to think of it is “how would I want the organisation to treat my personal data?” To which you may answer:

  • Making sure I understand what I’m providing, why and for how long 
  • Not asking for more of it than is needed 
  • Using it only as I’d expect it to be used 
  • Not giving it to anyone I haven’t agreed to having it 
  • Protecting it so it doesn’t get stolen or misused 
  • Only letting people have access to it who need to do so 
  • If something goes wrong, dealing with it responsibly and keeping me informed 
  • Ensuring there are easy to use processes in place if I want to exercise any of my rights 
  • Being open, honest and accountable in how both myself and my data are treated 


This isn’t a definitive list, there are other points you may consider. Instead, use it to begin the process of understanding and implementing data protection by design and default. If we’re happy with how our own personal data is used, then our customers and others are liable to be as well.

Blog by our Head of Consulting, Rob Horne

If you would like to discuss this or any other data protection related questions, please visit our stand at Infosec Europe 2019 where Rob will be pleased to chat with you. 

Click here for more information and registration.


We would like to use cookies to offer you a better browsing experience and track website performance. You can read more information about how we use cookies and how we analyse your data in our cookie policy here.

Reject Accept