Take the ISO 27001 course exam and get the
EU GDPR course exam for free
LIMITED-TIME OFFER – ENDS SEPTEMBER 29, 2022

Expert Advice Community

Guest

Data Processors and DIPA

  Quote
Guest
Guest user Created:   Dec 18, 2017 Last commented:   Dec 18, 2017

Data Processors and DIPA

Is Data Protection Impact Assessment a mandatory for Data Processors?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Dec 18, 2017

Answer:

The EU GDPR states that DPIAs should be performed by data controllers. This is because the controller are the ones taking the decisions as regards to the purposes and means of the processing. However processors might also be called up to provide support to controllers when they are performing DPIAs if a part of the processing activity which is subject of the DPIA is outsourced to the processor. The processor must assist the controller should the controller need to carry out a privacy impact assessment. Art. 28(3)(f)
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Dec 18, 2017

Dec 18, 2017