FREE GDPR Compliance Review
High-level review of your GDPR compliance position.
Records of Processing Activities (ROPAs)
As seen with the mandatory requirement to conduct DPIAs, the GDPR is a heavily risk-based law. However, many organisations are missing one of the best tools for identifying data risk in their processing, i.e., a record of processing activities (or ROPA), despite, currently, it being a statutory requirement for most organisations under Article 30. In URM’s opinion a ROPA should be front and centre of any controller’s DP compliance effort. URM has helped a number of organisations develop their ROPAs and once developed can help you identify not just the risky processing, but also the mitigating steps that can be taken to control those risks. It’s worth remembering that the ROPA will be one of the first compliance documents requested by the regulator in the event of a data breach.
Get in touch
Please note, we can only process business email addresses.
Why URM?
Track record
URM’s DP and GDPR consultants have extensive ‘real world’ experience as both practitioners and subject matter experts working at a senior level within business and in their data protection consulting roles advising organisations on best practice. With a 17-year track record assisting organisations to comply with legislation such as the Data Protection Act, the GDPR and local country-specific legislation, URM has earned a reputation for adopting a pragmatic and business appropriate approach.
Flexible service offerings
A key differentiator between URM and other data protection service providers is our flexible service offerings. Our virtual DPO service can be customised to your precise requirements, in terms of the type of support you require and the frequency of site days (remote or on site) etc. Equally, with our remediation support, URM can assist you address any gaps identified and achieve full GDPR compliance. We can also help you maintain that compliance with GDPR auditing services.
Knowledge transfer
URM prides itself on its knowledge transfer philosophy and training expertise which helps to ensure that you not only understand what the principles and requirements of the GDPR are but how to best meet them.
Data Protection Considerations for Monitoring Employees
URM’s blog offers key advice and detailed guidance on how to balance your organisation’s needs with GDPR compliance as you perform workplace monitoring.
URM’s blog discusses the importance of LIAs for maintaining compliance with the GDPR, as well as providing a step-by-step breakdown of how to conduct one.
URM’s blog explores the first provisional monetary penalty imposed by the ICO exclusively on a data processor & the lessons that can be learned from the case.
URM’s blog reviews ICO enforcement activities for the 1st half of 2024, highlighting trends & shifts in how it enforces against data protection breaches.