What granularity for register processing sheets?
Les 2 règles d’or pour structurer vos fiches de traitement, en adoptant la bonne granularité pour un registre RGPD efficace.
Since the entry into force, on May 25, 2018, of the General Data Protection Regulation, known as RGPD, data controllers and their data subcontractors must document their compliance, this is the principle of Accountability.
Among the documentation obligations, maintaining the register of processing activities is a perfect illustration of this accountability requirement (Article 30 of the GDPR)
The purpose of the register of processing activities is to identify the processing of personal data carried out by a data controller or by a data subcontractor.
In practice, the register consists of treatment sheets. A sheet must be prepared for each treatment activity. Taken at face value, the register will consist of as many forms as the processing of personal data within an organization, which will pose problems of maintainability and maintenance of the register.
When drafting the register of processing activities, a problem concerns the majority of DPOs: “What level of granularity should be adopted for a register that complies with regulations? ”
In this video, we will give you the 2 golden rules to apply for an adequate granularity of your register.
