Article 30 of GDPR requires companies to produce records of processing activities (ROPA). According to the ICO, this requires “a formal, documented, and accurate ROPA based on a data mapping exercise that is reviewed regularly”. ROPA reflects the accountability...
Introduction What is the GDPR Accountability Principle? The GDPR accountability principle is a core concept that requires organisations to take responsibility for data protection and provide evidence of their compliance efforts. Set out in Article 5(2) of the GDPR,...
