The U.K. Information Commissioner’s Office has released guidelines and templates to help organizations document their processing activities under Article 30 of the EU General Data Protection Regulation. The ICO provides a checklist containing both the requirements and best practices when documenting processing activities, as well as offering a documentation template for both controllers and processors. The guidelines list out all the items organizations need to document under Article 30 of the GDPR, including the name and contact details of an organization, retention schedules, and the description of a company’s technical and organizational security measures.
Full Story
Comments
If you want to comment on this post, you need to login.