GDPR Data Mapping Services
The key to being compliant with GDPR Regulations is understanding what data flows within your organisation.
But did you also know that GDPR requires for many organisations to maintain a Register of Processing Activities (ROPA) which is a holistic view of how your organisation handles data.
What are your Obligations?
Article 30 of GDPR requires that each controller maintain a Record of Processing Activities under its responsibility. While there are some exceptions, many organisations fall under this requirement.
What is a Record of Processing Activities?
A Record of Processing Activities or ROPA is a written document (in electronic format) that contains details of all types of data processed by the organisation.
Information required includes;
- A description of categories of data subjects and personal data,
- Whether the data is shared outside of the EEA,
- Retention periods
- Technical and organisational measures in place.
How can we help?
GDPR Audits can help your organisation map out how data enters and is used to provide a comprehensive view which can be shared with the Data Protection Commission, should they ever request it.
By carrying out a data mapping exercise, you will have a clear handle on what type of controls are already in place and where the gaps are.
Based on these results we can provide customised solutions and recommendations to help you and your organisation to become GDPR compliant.
As your Record of Processing Activities is a “live” document and essentially should always be reviewed and updated to reflect any changes, we are on hand to guide you when needed.
Everything you need for GDPR & data protection compliance
Start GDPR Data Mapping today