Ireland's Data Protection Commission published a guidance note to assist data controllers in compliance with Article 30 of the EU General Data Protection Regulation, which requires a maintained record of processing activities. The DPC drafted the guidance following a "sweep" of processing activity records of 30 public and private sector organizations and said it includes "particular emphasis" on the "positive practices identified" through the process, as well as identified shortcomings "to assist organisations as to 'What Not To Do.'"
20 April 2023
Irish DPC publishes Article 30 guidance
RELATED STORIES
AI and patents: What qualifies as a creator
Privacy in Arkansas: Is Arkansas ready for a consumer privacy law?
A view from DC: CFPB calls for states to regulate financial privacy
Notes from the IAPP Canada: OPC's WADA investigation 'raises some interesting issues'
First fine imposed under Thailand's Personal Data Protection Act