³ÉÈËÓ°Òô

Data protection impact assessment

A data protection impact assessment (DPIA) does what the name suggests—it’s a way of assessing the data protection impact of a particular project or process on any affected individuals.

For tools and guidelines on conducting a DPIA, see Precedents:

  1. •

    Data protection impact assessment—DPIA and Data protection impact assessment—DPIA—short form

  2. •

    Data protection impact assessment—DPIA—report

  3. •

    Data protection impact assessment—consultation form

  4. •

    Data protection impact assessment—consultation feedback form

The ICO guidance on DPIAs can be found in two locations: UK GDPR guidance and resources, Accountability and governance, Guide to accountability and governance, Data protection impact assessments and UK GDPR guidance and resources, Accountability and governance, Data Protection Impact Assessments (DPIAs).

What is a data protection impact assessment?

A DPIA is a tool that can help you:

  1. •

    identify and minimise the data protection risks of new projects, and

  2. •

    meet individuals’ expectations of privacy

Generally, a DPIA is conducted at the start of a project that could have data protection or privacy implications, eg rolling out a new document management or HR system. The DPIA will enable you to:

  1. •

    systematically and thoroughly analyse

To view the latest version of this document and thousands of others like it, sign-in with ³ÉÈËÓ°Òô or register for a free trial.

Powered by Lexis+®
Latest Risk & Compliance News
View Risk & Compliance by content type :

Popular documents