# O3.29 Audit data processed against the specified purpose being served

{% tabs %}
{% tab title="Principle" %}
[O3 Ensure data privacy by design](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/principles/operational-principles/o3-ensure-data-privacy-by-design)
{% endtab %}

{% tab title="Risks" %}
[SV2 Weak rule of law](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/risks/risks-to-structural-vulnerabilities)
{% endtab %}

{% tab title="Life Cycle Stages" %}
[L5 - Operations and Maintenance](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/responsible-authorities/r3-donor/l5-operations-and-maintenance)
{% endtab %}
{% endtabs %}

## Practices

* Ensure that DPI systems use only the minimal amount of data processing required.

<table data-view="cards"><thead><tr><th></th><th></th><th></th></tr></thead><tbody><tr><td></td><td><a href="https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/data-protection-principles/a-guide-to-the-data-protection-principles/the-principles/data-minimisation/">Principle (c): Data minimisation</a></td><td></td></tr><tr><td></td><td></td><td></td></tr><tr><td></td><td></td><td></td></tr></tbody></table>