Data protection impact assessment—DPIA

Published by a ³ÉÈËÓ°Òô Risk & Compliance expert
Precedents

Data protection impact assessment—DPIA

Published by a ³ÉÈËÓ°Òô Risk & Compliance expert

Precedents
imgtext
    1. 1

      Project overview

      Project summary[Summarise the project, eg new IT system for storing and accessing personal data, or proposal to identify people in a particular group or demographic to predict their buying needs]
      Processing purposes[Insert the purposes of the processing, eg improve the quality and accuracy of employee personal data and implement an improved process for deleting data that is no longer required]
      Lawful ground for processing[Insert lawful ground. Where the organisation intends to rely on legitimate interests as the lawful ground for processing, describe those legitimate interests and also confirm that a legitimate interest assessment has been undertaken.]
    1. 2

      Identify the need for a DPIA

      1. 2.1

        Project aims and benefits

        What does the project aim to achieve?[State what the project aims to achieve]
        What are the anticipated benefits to the organisation, individuals and/or other parties?[Describe anticipated benefits]
      1. 2.2

        Preliminary screening

        QuestionAnswer/comment
        Does the project involve one or more of the following:
        —systematic and extensive evaluation of personal aspects relating to natural persons based on automated processing (including profiling) on which decisions are based that produce legal effects for or similarly significantly affect
Powered by Lexis+®
Jurisdiction(s):
United Kingdom
Key definition:
Data protection definition
What does Data protection mean?

In an employment context, this refers to the obligation on an employer to protect the data of its employees and ensure that it complies with the law on how it uses the employees' data.

Popular documents