A Practice Note providing an overview of the EU General Data Protection Regulation's accountability principle and the obligation to demonstrate compliance with the legislation's requirements. This Note includes an overview of the obligations imposed on controllers and processors, and steps to demonstrate compliance with the obligations. This Note discusses establishing a privacy compliance program, embedding the requirements of the EU General Data Protection Regulation into policies and daily operations, training on data protection, and using audits to demonstrate compliance. This Note also includes examples of the types of records that demonstrate compliance with certain obligations.