General Data Protection Regulation (GDPR) requires organizations to be transparent and accountable with how they handle European residents’ personal data. “If anyone tries to tell you they’re GDPR-certified – they’re lying,” says Nigel Houlden, head of technology policy for the U.K. Information Commissioner’s Office. “There is no such thing as GDPR certification; there is only compliance that you can work toward,” he says. “You need to keep on top of your security policies, your education, your security training””]
Source: https://www.healthcareinfosecurity.com/gdpr-uk-privacy-regulator-open-to-self-certification-a-11066