Spreadsheet to Strategy: Making RoPAs Work for You

Join Us Live – Friday 3rd July 2026 at 12:30 PM

Many organisations view their Record of Processing Activities, or RoPA, as nothing more than a compliance exercise. Once completed, it is often filed away and only revisited when an audit, assessment, or regulator comes knocking.

However, a well-maintained RoPA can be one of the most valuable tools in your data protection framework.

In this episode of the Data Protection Made Easy podcast, hosts Catarina Santos and Himanshi Gulati will be joined by Sinead Santos, Cate and Caine Glancy to explore how organisations can transform their RoPA from a static spreadsheet into a practical tool that supports accountability, risk management, governance and ongoing compliance.

Whether you are creating your first RoPA, refreshing an existing one, or struggling to keep it up to date, this session will provide practical advice and real-world insights to help you get more value from your records.

What We’ll Be Discussing

• Why RoPAs are a legal requirement under the UK GDPR
• Common mistakes organisations make when maintaining their records
• How to keep RoPAs accurate, relevant and up to date
• Using your RoPA to identify risks and support compliance activities
• How RoPAs can strengthen accountability across the organisation
• The relationship between RoPAs, DPIAs, retention schedules and data mapping
• Practical ways to make your RoPA useful for day-to-day decision making
• Lessons learned from supporting organisations across different sectors

Why Attend?

A well-managed RoPA should be much more than a compliance document. When used effectively, it can help organisations understand what personal data they hold, demonstrate accountability, support data rights requests, identify compliance gaps and improve wider governance.

This session is designed for Data Protection Officers, Information Governance professionals, compliance teams, risk managers, HR professionals and anyone responsible for managing personal data within their organisation.

Meet the Speakers

Catarina Santos is a Data Protection Consultant at Data Protection People and a regular host of the Data Protection Made Easy podcast. Catarina works closely with organisations across a range of sectors, helping them navigate practical data protection challenges and build effective compliance frameworks.

Himanshi Gulati is a Data Protection Consultant at Data Protection People with experience supporting organisations on governance, compliance, accountability and operational data protection requirements.

Sinead Santos is a data protection professional with experience supporting organisations with compliance, governance and practical implementation of UK GDPR requirements.

Caine Glancy is the Data Protection Support Service Manager at Data Protection People. Caine works closely with organisations to resolve complex data protection issues and helps clients embed practical, workable compliance solutions into their day-to-day operations.

Register Your Place

The Data Protection Made Easy podcast is the UK’s leading data protection podcast, bringing together privacy professionals, compliance specialists and industry experts every Friday at 12:30 PM.

Join us live to ask questions, contribute to the discussion and learn from experienced practitioners tackling real-world data protection challenges every day.

Date: Friday 3rd July 2026
Time: 12:30 PM BST
Topic: Spreadsheet to Strategy: Making RoPAs Work for You