As you are aware, the exemption for keeping Records of Processing is narrow in scope. Article 30 of the GDPR imposes a legal obligation on all data controllers and processors to maintain records of regular processing activities (RoPAs), with larger organisations being required to keep records of all processing activities. Organisations must be able to produce such records to the Data Protection Commission upon request.
When done properly, records of processing activities have many additional benefits:
Comprehensive records of processing are an effective means for organisations to demonstrate accountability and compliance with the EU data protection law.
We are an Irish based software company (Wandsoft Ltd) established in 2001 with a product (Bizoneo) aimed at assisting GDPR compliance, more generally focused on Governance, Risk & Compliance and Accountability under the GDPR.
We currently work with a mix of data protection consultants, data controllers (50-250 staff) and data processors (10-600 staff) in Europe and beyond.
We host our solution in Ireland with Irish owned data centres and do not rely on any US company (e.g. we are not in scope of the EU-US Privacy Shield).
Bizoneo is user friendly and has the following in-built features: asset management, records of processing, data processor handling, staff training management, data subject access requests handling, incident and breach reporting, document management, risk management with the ability to generate easy to read and comprehensive reports.
The Association is a membership organisation for those who are actively working as Data Protection Officers in their respective organisations.
The Association offers Data Protection Officers an opportunity to share ideas, voice concerns, seek clarity on new legislation, and offer their own insights on the demands and challenges of the job. Membership is open to anyone who fills a data management role within their organisation, whether formally or informally. The objective of the Association is to provide clarity on issues, raise awareness of the legislation and to offer its members a forum where these topics can be discussed.
Note: This offer does not constitute an endorsement from the ADPO.
Members of the Irish Association of Data Protection Officers www.dpo.ie can avail of a discount:
Please use our enquiry form to find out more and book a demo.