GDPR DPIA: Prepare for impact.
DPIA can help you with your assessment requirements under the GDPR.
Data Protection Impact Assessment - DPIA
Overview
A Data Protection Impact Assessment (DPIA) can be used to identify and fix potential issues at an early stage and is an effective way to take a ‘privacy by design’ approach. DPIAs are already seen as good practice and the GDPR takes them a step further by making them mandatory in the following circumstances:
- When using new technology
- For data processing that presents a high risk to individuals’ rights and freedoms, such as systematic profiling
- Large scale processing of special categories of personal data relating to criminal convictions
- Large scale, systematic monitoring of public areas – notably CCTV
How can LRQA help?
LRQA can carry out a DPIA on your behalf as well as provide DPIA training that gives practical guidance on how to conduct DPIA’s within your organisation.
Our one-day, in-house workshop will help you to understand:
- What a DPIA is and when one should be carried out
- Your national regulators’ recommendations and guidance
- The stages of a DPIA and what to do in practice
- The relationship between conducting DPIA’s with other risk and project management activities, such as other risk assessments or data protection audits
- What legal and compliance issues you will need to consider within your organisation.
If you would like an impartial organisation to conduct a DPIA on your behalf, LRQA can help. Your DPIA will be carried out by one of LRQA’s risk management specialists who have an in-depth knowledge of the GDPR requirements and the risk management methodologies relevant to data protection. You can also use this as an opportunity to mentor internal staff.
