Commissioner’s announcement on ongoing GDPR compliance investigations

30 Nov 2018

On the 28th of November 2018, the Cyprus Commissioner announced that her office currently and targetly investigates whether every public authority and private organisation has appointed a Data Protection Officer (DPO) and whether a record of processing activities is maintained in paper form and in electronic format, in case such obligation exists.

The announcement follows the Commissioner’s observation that the private and public organisations, in many cases, do not abide by the GDPR provisions, noting the following;

  • There are some cases where the appointed DPO did not property prepare the organisations for GDPR compliance,
  • Some public authorities didn’t fill out their activity records or filled them out improperly.

The record keeping of processing activities is clearly a GDPR obligation in which the Commissioner concentrates on during her investigation efforts. It is important to note that even small organisations may be required to maintain records of processing activities, for example where the processing of personal data is carried out on a non-occasional basis.

Privacy Minders is in a position to advise you on your organisation’s GDPR needs and obligations and also lead your organisation’s GDPR compliance project.

See the Commissioner’s official press release here

MORE RELATED NEWS

Our Director, Maria Raphael, was a speaker at the 3rd Digital & Payments Conference
Privacy Minders’ co-founder was elected the President of the EADPP
Personal Data Protection Fines in Cyprus from July to September 2019
End of EU-US Privacy Shield: Impacts of the CJEU decision on data transfers outside EU
Larnaca, Cyprus

10  Patron Street
Larnaca 6051
Cyprus

London, United Kingdom

71-75 Shelton Street
London WC2H 9JQ
United Kingdom

Get in touch

Tel: +357 24812581/82
Fax: +357 24812583
Email: info@privacyminders.com

Click here to Subscribe