Records of Processing (Article 30) Guidance

Christophe BARDY - GRACES community
2/5/2023
Propulsé par Virginie
Cet article est réservé aux membres GRACES.community

Article 30 of the General Data Protection Regulation (GDPR) requires Data Controllers to maintain a Record of Processing Activities (RoPA) under their responsibility. Article 30 GDPR prescribes the information the records must contain and states that controllers and processors must be in a position to provide such records to the Data Protection Commission (DPC) on request. The Records of Processing Activities (RoPA), as a measure to demonstrate compliance, is one of the means by which Data Controllers demonstrate and implement the principle of accountability as set out in Article 5(2) GDPR. A well drafted RoPA will demonstrate to the DPC that a Data Controller is aware of, and has considered the purpose of, all processing activities taking place within the organisation.


This guidance should assist controllers with compliance with Article 30 of the GDPR.


Envie de lire la suite de l’article ?
Il vous reste 50% de l’article à lire
Inscrivez-vous sur GRACES.community pour profitez de toute l’actualité compliance
directement depuis votre espace Membre !
M'inscrire

Plus de 200 sociétés ont trouvé leur compliance officer avec GRACES.community,

et si c’était vous ?