Data mapping: a step-by-step guide

As part of GDPR compliance, organizations are required to create and maintain the so-called “Record of Processing Activities”, often refered to as the RoPA. Sometimes, professionals within data protection and privacy may use the term interchangeably with the term “data mapping”. This is a technical term rather than a legal term, but it is well established in GDPR slang to be identical to RoPA. In this guide, we will go through the requirements for a controller’s RoPA.