The Ten Step Guide to Meeting GDPR Article 30 Record Keeping Requirements

February 3, 2017 | White Papers

Data mapping and inventory are critical components of any privacy program. Understanding how data is flowing through the organization is a pre-requisite to being able to secure the data and analyze the data for risks. Maintaining an inventory also helps organizations more efficiently respond to data subject rights request to delete, correct, access, or port their data.

 

In the EU’s new General Data Protection Regulation (GDPR), organizations are expected to maintain extensive and up-to-date internal records of their data processing activities. According to Article 30 of the GDPR, organizations will be held accountable for compliance with record keeping requirements, with equal responsibility given to both data controllers and data processors.

 

OneTrust provides a simple and automated solution for data mapping, designed to address compliance with GDPR Article 30 record keeping requirements and self-certification with Privacy Shield for data transfers. OneTrust Data Mapping enables organizations to visualize the entire data lifecycle, maintain an evergreen data inventory (data processing register), identify gaps and track recommendations, evidence and approvals for remediating risk.

Get Access to the Resource

Why do we ask for this information? The resources we provide on our website contain OneTrust intellectual property related to our products and research. In an effort to protect this IP, we ask for your basic contact details to help us validate your identity before we open access to these resources.

I'd like to learn more about OneTrust*

Would you like to receive emails from OneTrust about other resources, products and services? You can unsubscribe at any time.*

Privacy Notice

You can learn more about how we handle your personal data and your rights by reviewing our privacy notice.