Along with many other US companies with customers in the EU, Everlaw started preparing for GDPR compliance early last year. While we still have some work to do before May 25th, we have made significant progress, especially in our documentation of data processing activities and creating data inventories.
When I couldn’t find a free tool that worked for the process I wanted to implement at Everlaw, I created one in Google Sheets that all of our teams could work on in real-time. Below, we’ll share with you the tool we created to manage this documentation.
This tool combines documentation for GDPR Article 30: Records of processing activities, Article 32: Security of processing, and Article 35: Data protection impact assessment into one workbook (including a place to document Article 15: Right of access by the data subject).
We are sharing this with anyone who wants to use it! Why? Everlaw has an established history of contributing to open-source projects. We’ve also shared tips on how teams can optimize open-source contributions. Although the term “open source” originated in the context of software development, it is increasingly used to refer to something that people can “modify and share because its design is publicly accessible.”
GDPR requires a major shift in how companies treat privacy and data protection. We think that approaching compliance the open-source way, where companies can learn from each other and freely exchange ideas and approaches, is the best way forward. We hope that you find this document useful!
Send us your feedback to firstname.lastname@example.org!
The materials available at this web site are for informational purposes only and not for the purpose of providing legal advice. You should contact your attorney to obtain advice with respect to any particular issue or problem.