The following Risk & Compliance practice note provides comprehensive and up to date legal information covering:
This Practice Note provides practical guidance on how to undertake data mapping. It is based on an article by Nicola Fulford of Hogan Lovells and Krysia Oastler of Kemp Little, first published in the Privacy and Data Protection Journal.
Data mapping (finding out what personal data your organisation processes) is often cited as one of the first tasks to tackle in a data protection compliance plan.
Data controllers are required to have a written record of data processing activities—such records must be made available to the supervisory authority on request. See Precedent: Data processing register. According to ICO Guidance: How do we document our processing activities?:
‘A good way to start is by doing an information audit or data-mapping exercise to clarify what personal data your organisation holds and where. It is important that people across your organisation are engaged in the process; this can help ensure nothing is missed when mapping the data your organisation processes. It is equally important to obtain senior management buy-in so that your documentation exercise is supported and well resourced.’
Data mapping can seem like an overwhelming task, particularly for large global/multi-national businesses. This Practice Note provides practical guidance on how to undertake data mapping, including:
the legal requirements under the UK General Data Protection Regulation (UK GDPR) Regulation (EU) 2016/679
some areas to consider when planning
Free trials are only available to individuals based in the UK
Complete all the fields above to proceed to the next step.
**Trials are provided to all LexisPSL and LexisLibrary content, excluding Practice Compliance, Practice Management and Risk and Compliance, subscription packages are tailored to your specific needs. To discuss trialling these LexisPSL services please email customer service via our online form. Free trials are only available to individuals based in the UK. We may terminate this trial at any time or decide not to give a trial, for any reason. Trial includes one question to LexisAsk during the length of the trial.
To view the latest version of this document and thousands of others like it, sign-in to LexisPSL or register for a free trial.
Existing user? Sign-in
Take a free trial
Take a free trial
RobberyRobberyRobbery is a theft offence, involving dishonesty but elevated also by the intention to use force.Robbery can only be tried in the Crown Court on indictment and is categorised as a class 3 offence.Elements of the offence of robberyA person is guilty of robbery if:•they steal something,
IP COMPLETION DAY: 11pm (GMT) on 31 December 2020 marks the end of the Brexit transition/implementation period entered into following the UK’s withdrawal from the EU. At this point in time (referred to in UK law as ‘IP completion day’), key transitional arrangements come to an end and significant
Private nuisancePrivate nuisance is an unlawful interference with a person's use or enjoyment of land or some right over or in connection with it. Interference must be unreasonable, and may be caused, eg by water, smoke, smell, fumes, gas, noise, heat or vibrations. Where the defendant has not
Working with counselInstructing counsel to advocate on a client’s behalf should be a matter of careful thought and preparation. The role of counsel is to provide independent objective advice and to deploy the skill of advocacy on behalf of the client. Although they are part of a team, they also
0330 161 1234