One of the documentation and governance requirements under GDPR is that businesses keep a record of its processing activities involving personal data. This course module gives you an overview of process documentation and and practical guidance on how to meet the requirement to keep a Register of Processing Activities or “ROPA” for compliance with Article 30 of GDPR.
On completion of this module, you will be able to:
- Define a processing activity involving personal data
- Understand requirements for process documentation under Article 30 of GDPR
- Understand how to map a process
- Be able to create a “Register of Processing Activities”
- Identify key process areas to meet requirements