Conference paper Open Access

A Common Semantic Model of the GDPR Register of Processing Activities

Ryan, Paul; Pandit, Harshvardhan J.; Brennan, Rob

The creation and maintenance of a Register of Processing Activities (ROPA) is an essential process for the demonstration of GDPR compliance. We analyse ROPA templates from six EU Data Protection Regulators and show that template scope and granularity vary widely between jurisdictions. We then propose a flexible, consolidated data model for consistent processing of ROPAs (CSM-ROPA). We analyse the extent that the Data Privacy Vocabulary (DPV) can be used to express CSM-ROPA. We find that it does not directly address modelling ROPAs, and so needs additional concept definitions. We provide a mapping of our CSM-ROPA to an extension of the Data Privacy Vocabulary.

Files (438.1 kB)
Name Size
FAIA-334-FAIA200876.pdf
md5:01a12caaddb29e32cb74f5d82cc07414
438.1 kB Download
26
15
views
downloads
Views 26
Downloads 15
Data volume 6.6 MB
Unique views 25
Unique downloads 15

Share

Cite as