Controller accommodation is the concept of processors accepting the burdens of the GDPR on behalf of controllers when systematic or procedural boundaries necessitate it.
Generally, this is put into the context of employing security measures and facilitating requests from data subjects to exercise their rights. The condition should eliminate finger pointing between controllers and processors, something that vague privacy doctrines of the past have allowed, but it seems as though companies are having trouble determining and formally spelling out when business relationships and technology interplay demand accommodation.
