© 2019 by GDPR Designers

  • Twitter Metallic
  • s-linkedin

GDPR Designers

19 Newtown Villas -  Blackrock - Co. Dublin - Ireland

Tel     +353 1 254 9225     +1303 586 1763

info@gdprdesigners.com

Contact us for a consultation
Data Protection Impact Assessment

 

Data Privacy Assessments and Privacy Impact Assessments are risk assessments that review the level of risk inherent in your data privacy practices.  

 

(a) DPIA - Data Privacy Impact Assessments

The GDPR requires organisations to conduct a DPIA or “Data Protection Impact Assessment” where processing is likely to result in a high risk to the rights and freedoms of individuals. 

GDPR Designers can assist in conducting DPIAs either as part of our DPO offering, or as a stand-alone service.  These assessments should be carried out prior to undertaking the new activity or processing, and the DPO should be consulted. 

 

 

(b) PIA - Privacy Impact Assessments

It is recommended to conduct a PIA whenever the organisation undertakes a new project or service or business function, or where any changes to data processing within an organisation are envisaged.  The aim of conducting a PIA is to ensure that the risks to personal data inherent in any new activities are identified and measures are taken to address and mitigate those risks.  These assessments should be carried out prior to undertaking the new activity or processing.  

 

 

Benefits:

  • Incorporating DPIAs into your organisations’ project management procedures demonstrates compliance with the principle of ‘Privacy by Design’ by enabling you to identity risks to personal data and incorporate measures at the design phase to ensure privacy. 

  • Engaging external advisors to assist with this process ensures that your organisation remains up to date with developing approaches to DPIA, following guidance and rulings issued by the various courts, parliaments and regulators across the EU. 

  • Demonstrates a ‘risk-based’ approach to GDPR compliance which is a core requirement of GDPR.

  • Conducting a privacy assessment can help prioritise any risks identified. 

Data assessments

Data Privacy Assessments and Privacy Impact Assessments are risk assessments that review the level of risk inherent in your data privacy practices.  

The GDPR requires organisations to conduct a Data Protection Impact Assessment (DPIA) where processing is likely to result in a high risk to the rights and freedoms of individuals.  These assessments should be carried out prior to undertaking the new activity or processing, and the DPO should be consulted. 

We can assist in conducting DPIAs either as part of our DPO offering, or as a stand-alone service. 

It is recommended to conduct a Privacy Impact Assessment (PIA) whenever the organisation undertakes a new project or service or business function, or where any changes to data processing within an organisation are envisaged.  The aim of conducting a PIA is to ensure that the risks to personal data inherent in any new activities are identified and measures are taken to address and mitigate those risks.  These assessments should be carried out prior to undertaking the new activity or processing.  

Incorporating DPIAs into your organisations’ project management procedures demonstrates compliance with the principle of ‘Privacy by Design’ by enabling you to identity risks to personal data and incorporate measures at the design phase to ensure privacy.

Engaging external advisors to assist with this process ensures that your organisation remains up to date with developing approaches to DPIA, following guidance and rulings issued by the various courts, parliaments and regulators across the EU.  It also demonstrates a ‘risk-based’ approach to GDPR compliance which is a core requirement of GDPR.  Conducting a privacy assessment can help prioritise any risks identified. 

Bridging countries and compliance