Record of Processing Activity

Have questions about the Record of Processing Activity (RoPA)? We can help!

The RoPA is a key tool in documenting how personal data is collected, used, and managed at 福利姬. Completing a RoPA helps us meet legal and institutional requirements, strengthens data privacy practices, and makes it easier to respond to audits or regulatory inquiries.

This FAQ walks you through what a RoPA is, why it matters, who鈥檚 responsible, and how to complete or update your entry. Whether you're a data steward, system owner, or just unsure where to start, we鈥檝e got you covered.

Still have questions after reading? Reach out anytime by or emailing us at DATA@augusta.edu鈥攚e're here to help.

Contact Us

Data @ AU

Frequently Asked Questions

No filter applied.

A Record of Processing Activity (RoPA) is a documented inventory of how personal data is collected, used, and managed across the institution. It helps track data processing activities for transparency, security, and compliance.

RoPA ensures we understand and document how personal data is handled, supports compliance with data privacy regulations, and helps mitigate risks related to data management.
If your department or system processes personal data鈥攕uch as student records, HR information, financial data, or research participant details鈥攜ou likely need to complete a RoPA. If unsure, reach out to DATA@augusta.edu for guidance.
The Data Governance Coordinator oversees the RoPA process, while Data Stewards and Data Managers are responsible for providing and updating information about systems their functional areas
RoPA helps ensure we meet legal and institutional data privacy requirements by maintaining a clear record of data usage, reducing risks, and making audits or regulatory reporting easier.
If you have questions or need assistance, contact the Data Governance Coordinator at DATA@augusta.edu with the subject RoPA Guidance for [insert system name].

The RoPA is completed annually.  

If you have completed the survey before, you will be sent a PDF of your past responses with a survey asking if your responses, uses of the data, etc. have changed in the past year. If yes, you鈥檒l be contacted to update your survey. If no, you鈥檙e good for another year. 

If your system does not have a completed RoPA, you鈥檒l be asked to complete the survey as soon as possible. You will receive a link to the Qualtrics survey, where you鈥檒l provide details about your data processing activities. Instructions will be included in the survey.  
Past RoPA records are stored in Qualtrics. If you need access, contact the Data Governance Coordinator at DATA@augusta.edu with the subject RoPA [year it was completed] for [system name]. 
Governance roles, including system and data owners, are documented in the RoPA records. To see the governance structure, go to augusta.edu/data/structure. If you still have questions, please reach out to DATA@augusta.edu with the subject RoPA Contacts for [system name]. 

While the annual cyber review does have many over lapping questions with the RoPA, they currently live in two different departments in PDF form, so it鈥檚 difficult to share this information across units in any meaningful way.  

Further, cyber and data governance teams each have different questions or questions that focus on different aspects of data use. However, if you have completed a Triage or RAARe form for cyber, it will be useful to have on hand when you complete the RoPA. 

 

Compliance and Documentation

General Data Protection Regulation

USG Business Procedures Manual 12.0

Data Privacy Request

Data Privacy Request