24Jul 2018

The importance of the Records of processing activities (Art. 30 GDPR)

By Paolo Balboni 24 Jul 2018 Article 29 Working Party, EDPB, GDPR, Supervisory authorities EDPB, GDPR Permalink

A number of Supervisory Authorities have already mentioned that their investigations on GDPR compliance will start from the analysis of the Records of processing activities (Art. 30 GDPR). By having accurate and complete Records, organisations will be able to prove that they are taking the GDPR seriously by applying a systematic approach to mapping and governing data flows and related processing activities.

This is also confirmed by the recent statement of the Dutch Supervisory Authority which can be found here. In this respect, it is worth pointing out the extensive interpretation of such obligation by #A29WP (now #EDPB) in its Working Party 29 Position Paper on the derogations from the obligation to maintain records of processing activities pursuant to Article 30(5) GDPR.

Blog

The place where we write some words

Paolo Balboni

CONNECT

Categories

LOOKING FOR SOMETHING?

DATA PROTECTION IS A SOCIAL RESPONSIBILITY

Blog

The place where we write some words

Related Posts

“EU AND GLOBAL CYBERSECURITY FUNDAMENTALS” COURSE WEEK 6: A CYBERSECURITY READING OF THE GDPR

Habemus UK adequacy!

Reflections on three years of the GDPR

GDPR and the Coronavirus in Italy

Call for global agreement on Data Protection

The Legal Aspects of Blockchain Technology: Smart Contracts, Intellectual Property and Data Protection: Part I

Paolo Balboni

CONNECT

Categories

Tags

LOOKING FOR SOMETHING?