Article 30 of GDPR requires companies to produce records of processing activities (ROPA). According to the ICO, this requires “a formal, documented, and accurate ROPA based on a data mapping exercise that is reviewed regularly”. ROPA reflects the accountability...
Data privacy compliance is not just a matter of complying with the law. It is also about your company’s reputation and competitiveness. A large number of countries have implemented data privacy laws, and more are on the way. There are also revisions to the EU’s...
Introduction What is the GDPR Accountability Principle? The GDPR accountability principle is a core concept that requires organisations to take responsibility for data protection and provide evidence of their compliance efforts. Set out in Article 5(2) of the GDPR,...
Introduction In the wake of the General Data Protection Regulation (GDPR), individuals have more control than ever over the personal data companies hold about them. For businesses, this means increased responsibility to make data accessible, with significant penalties...
Under global, data privacy laws, data protection by design and by default is a legal requirement. Organisations appointing data protection Officers are key to their success in meeting privacy by design and default. A DPO’s primary responsibility is to make sure your...
