Difference between revisions of "Processing Activities"
(→Workflow) |
|||
| Line 26: | Line 26: | ||
|Inactive || A ''processing activity'' in this status is not executed by the ''organization''. Either it was in the past or it will in the future. | |Inactive || A ''processing activity'' in this status is not executed by the ''organization''. Either it was in the past or it will in the future. | ||
|- | |- | ||
| − | |Cancelled || ''Processing activity'' cancelled. It is still possible to recover a ''processing activity'' from this status by enabled users. | + | |Cancelled || ''Processing activity'' cancelled. It is still possible to recover a ''processing activity'' from this status by enabled ''users''. |
|- | |- | ||
|} | |} | ||
== Information == | == Information == | ||
| − | '' | + | ''Processing activities'' records information are organized in four sections: |
* <u>''Identification''</u>, where identification data of the ''access request'' are recorded, | * <u>''Identification''</u>, where identification data of the ''access request'' are recorded, | ||
Revision as of 13:18, 11 September 2018
Contents
Introduction to Processing Activities
Processing activities are the core of element of personal data. Many regulations require to document and assess them.
The process enables to record processing activities, to maintain them and use them for assessment or other tasks related to personal data management.
Workflow
A new processing activity can be created using the Add New functionality and choosing "New Processing Activity".
A workflow enables to move the processing activities in several statuses as shown in the following picture.
The following table explains the meaning of each status:
| Status | Description |
|---|---|
| Default | A temporary status when the processing activity is initially created before the first save. |
| Draft | A processing activity in this status is draft. |
| Active | A processing activity in this status is actually executed by the organization. |
| Inactive | A processing activity in this status is not executed by the organization. Either it was in the past or it will in the future. |
| Cancelled | Processing activity cancelled. It is still possible to recover a processing activity from this status by enabled users. |
Information
Processing activities records information are organized in four sections:
- Identification, where identification data of the access request are recorded,
- Ownership & Organization, containing the assignment of the key roles enabled to manage the access request;
- Access Request Details, with the details of the access request;
- Data Subject Details, with the details of the data subject issuing the access request;
- Data Subject Representative, containing the details of the representative of the data subject, if any.
Details on every fiel can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field.
TBC WITH TAB INFORMATION...
Privileges
Access request can be created by the users to whom the corresponding privilege is granted (see Users & Groups for more information on how to set this privilege.
The lifecycle of the access request is managed by the roles DPO group, data controller group, data processor group and owner. Groups are pre assigned to the roles according to the settings (see Settings for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled groups (see once again Settings for more information on how to enable groups)
| Role | Description |
|---|---|
| DPO Group | Members of the group assigned to this role maximum privileges on access requests. They can:
|
| Data Controller Group | Members of the group assigned to this role have mainly view privileges on access requests. |
| Data Processor Group | Members of the group assigned to this role have mainly view privileges on access requests. |
| Working Team | Members of this group have many privileges on the access request. They can manage its entire lifecycle, being enabled to:
|
| Audit Team | Members of the group assigned to this role have mainly view privileges on access requests. |
| Owner | This role can be assigned to a single user among members of the groups previously assigned. The Owner has many privileges on the owned access requests:
|
Warning and alerts
TBC
Reports
The list of access requests can be filtered and exported to excel format from the view Access Requests.
Related processes
Access Requests can be related to processing activities
