A-Z of data protection - R is for ...

Article Banner

A-Z of data protection: terms you need to know


a type of malware that blocks access to your data, such as by encryption, or threatens to publish personal data unless a demand for ransom is met

Record of Processing Activities (ROPA)
a written record of all data processing activities done by a controller or processor, which typically contains a description of personal information in the system, the purpose, scope and method for processing, the recipients to whom they may be disclosed, data transfer details, the retention period for the data, and security measures in place
The required content for the ROPA may vary slightly per jurisdiction; check with the local jurisdiction to ensure full compliance

residual risk
the level of risk remaining after actions and controls are in put in place

retention limitation
an organisation must not retain or keep any personal data it no longer needs to fulfil any business purpose
one of the 11 data protection obligations under Singapore's Personal Data Protection Act (PDPA)

retention policy

Already a member?  
Unlock these benefits

Get access to news, enforcement cases, events, and actionable tips and guides


Get regular email updates and offers


Job opportunities, mentorship and career guidance


Exclusive access to Data Protection community - ask questions, network and share knowledge with peers and experts via WhatsApp and Linkedin

Related Articles