Data protection impact assessment—DPIA—short form

The following Risk & Compliance precedent provides comprehensive and up to date legal information covering:

  • Data protection impact assessment—DPIA—short form

Data protection impact assessment—DPIA—short form

    1. 1

      Identify the need for a DPIA

      Explain broadly what project aims to achieve and what type of processing it involves
      [Insert, eg you may find it helpful to refer or link to other documents, such as a project proposal. Summarise why you identifies the need for a DPIA. Summarise why you identified the need for a DPIA]
    1. 2

      Describe the processing

      Describe the nature of the processing
      [Insert, eg how will you collect, use store and delete data? What are the sources of the data? Will you be sharing data with anyone? What types of processing identified as likely high risk are involved? You might find it useful to refer to a flow diagram or other way of describing data flows]
      Describe the scope of the processing:
      [Insert, eg what is the nature of the data, and does it include special category or criminal offence data? How much data will you be collecting and using? How often? How long will you keep it? How many individuals are affected? What geographical area does it cover?]
      Describe the context of the processing
      [Insert, eg what is the nature of your relationship with the individuals? How much control will they have? Would they expect you to use their data in this way? Do they include children or other vulnerable groups? Are

Popular documents