Legal News

Data Protection impact assessments—ensuring consistency

Data Protection impact assessments—ensuring consistency
Published on: 06 November 2018
Published by: LexisPSL
  • Data Protection impact assessments—ensuring consistency
  • When are controllers obliged to carry out a data protection impact assessment (DPIA)?
  • According to the ICO’s guidance, what kind of processing operations are likely to be high risk and require a DPIA?
  • With each supervisory authority publishing lists of processing activities that require a DPIA, how is a consistent approach maintained across the EEA?
  • What has the EDPB said about the ICO’s DPIA list?
  • How will this impact practitioners in this area?

Article summary

Information Law analysis: A data protection impact assessment (DPIA) is now required as a matter of statutory obligation, when the criteria in Article 35 of the General Data Protection Regulation, Regulation (EU) 2016/679 (the GDPR) are met. Aidan Eardley, barrister at One Brick Court Chambers, explains the requirements for carrying out a DPIA. or take a trial to read the full analysis.

Popular documents