Data Protection Impact Assessment (DPIA)

Data Protection Impact Assessment (DPIA)

Under the General Gata Protection Regulation (GDPR), controllers must now now: 

Keep a record of their processing activities (see here for more details); and
Carry out a Data Protection Impact Assessment (DPIA) where the data processing is likely to result in a high risk to the rights and freedoms of the data subjects.  

A DPIA is a process designed to describe the processing, assess its necessity and proportionality and manage the risks to the individuals’ rights and freedoms resulting from thereof.