Data Protection Impact Assessment (DPIA)

Data Protection Impact Assessment (DPIA) as a Service is a workshop based consulting service facilitated by our experienced privacy specialist. DPIA as a Service defines the risks caused to data subjects.

Overview Data Protection Impact Assessment (DPIA)

The General Data Protection Regulation (GDPR) determines that conducting Data Protection Impact Assessments (DPIA) is mandatory pre-requisite in a variety of cases where personal data is processed in a way that is likely to result in a high risk to the rights and freedoms of individuals. A Data Protection Impact Assessment (DPIA) as a Service is a workshop-based consulting service facilitated by our experienced privacy specialist.

Process

DPIA is usually carried out as a process, which includes the following steps:

  • Planning – Defining the scope and target of assessment
  • Data gathering – Collecting data about the target
  • Reporting – Delivery of final report

DPIA is usually targeted at processing which includes systematic monitoring of data subjects, or it contains large-scale processing of special categories of personal data e.g.

  • Camera surveillance
  • Clinical research
  • Employee healthcare
  • Pension fund

Results

The goal of a Data Protection Impact Assessment (DPIA) is to:

  • Identify & prioritise risks to the rights of the data subjects
  • Compose an extensive compliance analysis against the GDPR & other relevant legislation
  • Define controls to mitigate risks
  • Demonstrate compliance

Benefits

By conducting a Data Protection Impact Assessment as a Service, an organisation will receive the following benefits:

  • A systematic description of all the processing activities
  • Estimation whether data processing activities are necessary and proportionate
  • A high-quality DPIA done with the assistance of Privaon’s privacy specialist
  • Implement risk-based approach
  • Customised and tested baseline criteria specifically designed to meet the requirements of the GDPR
  • A final report, which includes an executive summary, prioritised risks and an action plan to mitigate risks

Other Assessment Services

We offer Privacy Impact Assessment (PIA) as a Service, which is a workshop based consulting service conducted by our privacy specialist. Also, we offer PIA as a software solution, see our Privacy Impact Assessment tool. See also our other privacy services.

To learn more interesting insights, read our blog about best practices in privacy.