
Who Needs a ROPA and Why?
Under the UK General Data Protection Regulation (GDPR), the majority of organisations processing personal data are required to create and maintain a formal record of processing activities (ROPA). It is widely regarded as the core data protection compliance document. In this, the first of two blogs on ROPAs, we are going to address two fundamental questions.