Data Protection and GDPR Level 3 for Managers and Business (VTQ)

64 videos, 2 hours and 55 minutes

Course Content

What is a data inventory

Video 62 of 64
2 min 4 sec
Want to watch this video? Sign up for the course or enter your email below to watch one free video.

Unlock This Video Now for FREE

This video is normally available to paying customers.
You may unlock this video for FREE. Enter your email address for instant access AND to receive ongoing updates and special discounts related to this topic.

Documenting Data Processing: Importance and Guidelines

Understanding Documentation Requirements

Factors Affecting Documentation: The need for formal documentation depends on organisational size, data volume, and type of data processed.

Comprehensive Recording: Documenting all processed data is essential for transparency and compliance.

Benefits of Data Inventory

Valuable Exercise: Despite not being mandatory for smaller organisations, creating a data inventory proves highly beneficial.

Identification of Processing: The inventory aids in identifying all processing activities and the corresponding data held.

Facilitating Policy Review: Helps significantly during privacy policy reviews by providing necessary compliance information.

Components of a Data Inventory

Inclusive Data: The content of a data inventory varies based on processing activities and data types.

  • Data Source: Identify where the data originates, e.g., individuals or employers.
  • Data Categories: Categorise the data subjects, such as employees, customers, or suppliers.
  • Data Types: Specify the types of personal data processed, like contact information or financial records.
  • Purpose of Processing: Define the purpose, such as supplying goods, payroll, or marketing.
  • Lawful Basis: Document the legal basis for processing, whether contract, consent, or legitimate interest.
  • Sensitive Data: Indicate if the data includes special category/sensitive personal data.
  • Data Volume: Record the volume of data processed.
  • Retention Period: Specify the duration for which the data is retained.
  • Third-Party Recipients: List any third parties receiving the data.
  • Data Transfer Safeguards: Ensure appropriate safeguards for data transfer.
  • Individual Rights: Detail the rights available to individuals, such as access, rectification, or erasure.

Accessing an Example Inventory

An example data inventory template is available for download on the homepage.