GDPR Data Protection Impact Assessment (DPIA)
By : 6clicks
This template is an example of how you can record your Data Protection Impact Assessments (DPIA) process and outcome. It follows the process set out in European guidelines on DPIAs. You will start to fill out the template at the start of any major project involving the use of personal data, or if you are making a significant change to an existing process. The final outcomes should be integrated back into your project plan.
In stock
Details
Article 35 of the GDPR covers Data Protection Impact Assessments (DPIA). The DPIA is a new requirement under the GDPR as part of the “protection by design” principle. According to the law:
"Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall, prior to the processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data."
This assessment template has been created by 6clicks mapped to a standard sample GDPR Data Protection Impact Assessment (DPIA) set of questions provided by the UK Information Commissioner's Office. The assessment will guide you through the process of determining whether your data processing activity requires a DPIA. It will then ask you a series of questions to understand the scope of the data processing and help you determine what protections you can implement as part of the design of your project.
More Information
| Jurisdiction | United Kingdom |
|---|---|
| Type | Assessment |