From training the employees to the implementation of corrective measures, several activities are required to comply with the General Data Protection Regulation (GDPR). In particular, we point out the Register of Processing Activities (RoPA), which, as an obligation imposed by the GDRP article 30, should always reflect the actual state of the organization. The list below highlights the activities required to implement the Regulation:
Employees planning, awareness and training
Data Processing Activities surveys
Register / Characterization of processing activities, documentation validation, and registration of data flows
Information security assessment and Data Processing risk analysis
Follow-up new projects, implement and monitor corrective measures
We are a highly specialized team of professionals with a vast experience in privacy and data protection topics.