Ireland's Data Protection Commission published a guidance note to assist data controllers in compliance with Article 30 of the EU General Data Protection Regulation, which requires a maintained record of processing activities. The DPC drafted the guidance following a "sweep" of processing activity records of 30 public and private sector organizations and said it includes "particular emphasis" on the "positive practices identified" through the process, as well as identified shortcomings "to assist organisations as to 'What Not To Do.'"
20 April 2023
Irish DPC publishes Article 30 guidance
RELATED STORIES
A view from Brussels: Will health data sharing be a blueprint for other domains?
Notes from the Asia-Pacific region: China privacy landscape 'hot and dynamic as ever'
California awaits fate of legislature-approved AI safety bill
Automated decision-making or automated decision-execution?
Brazil's new regulation on international data transfers