Documenting a Record of Processing Activity

Category: Accountability / Governance / Security Management

Customer: Healthcare Distributor of products and services

Working as DPO with this distributor of healthcare products and services with companies across Europe we worked on a project to meet the Article 30 requirements of the GDPR.  This was a big project taking well over 6 months.  The companies in the group operate as controller and processor across a diverse range of processing activities.  One of the more challenging aspects of this project was the processor ROPA as the companies in the group work with hundreds of controller customers.  The challenge is not just in documenting the processor ROPA but ensuring that is maintainable in an ever-changing business landscape.  The project has driven better understanding of the organisations processing activities and will help to drive compliance going forward particularly in the areas of data transfer and security.

Join Our Newsletter

Sign-up to receive news and information from Fort Privacy

Fort Privacy processes your personal data in order to respond to your query and provide you with information about our products and services. Please see our Data Protection Statement for further information

Crash, Bang, Wallop! What happens when Artificial Intelligence meets GDPR?

07 March 2024

As a technologist, I am both excited and appalled at the developments in AI and it seems from various surveys that I am not alone. My greatest wish is that we can harness its power for good while dampening its power for misuse. It is early days yet – let’s hope this wish comes true!

The Great 2024 GDPR Quiz!

08 January 2024

Everyone loves a quiz so we decided we would kick-off the new year with a bit of tongue-in-cheek fun.

Have you been naughty or nice this year?

21 December 2023

Continuing the tradition of the Fort Privacy Christmas blog this year we are thinking about Santa and AI. Well, we need to keep these articles topical after all!

Scroll to top