Expert Advice Community

Guest

DPIA

  Quote
Guest
Guest user Created:   Feb 20, 2018 Last commented:   Feb 20, 2018

DPIA

1. How to conduct PIA or DPIA?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Feb 20, 2018
2. What changes can be proposed as part of remediation plan (some examples will be enough)?
3. Data Mapping and how to conduct this?
4. And any other information which I could add in my CV to get the role. Obviously, once I will get the role, I will be contacting you for your help (and will pay your fee for your assistance). But in order to get the job of BA of GDPR, I need these information.

Answers:

1. A Data Protection Impact Assessment is basically an assessment of the likelihood and severity of risks for the rights and freedoms of individuals resulting from a processing operation. Data controllers will be required to undertake DPIAs prior to data processing – in particular processing using new technologies - which is likely to result in a high risk for the rights and freedoms of individuals (Article 35 - Data protection impact assessment - https://advisera.com/eugdpracademy/gdpr/data-protection-impact-assessment/

The EU GDPR provides the some non-exhaustive list of cases in which DPIAs must be carried out:
- automated processing for purposes of profiling and similar activities intended to evaluate personal aspects of data subjects (e.g. automatic credit checking performed by banks or other financial institutions)
- processing on a large scale of special categories of data or of data relating to criminal convictions and offences (e.g. processing of mental information by a psychiatric clinic);
- systematic monitoring of a publicly accessible area on a large scale (e.g. CCTV)

If you want to have a more in depth view on how to actually perform a DPIA the following materials would be helpful:
- Article 29 Working Party - “Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679”
- Free webinar “Seven steps of Data Protection Impact Assessment (DPIA) according to EU GDPR” - https://advisera.com/eugdpracademy/webinar/seven-steps-of-data-protection-impact-assessment-dpia-according-to-eu-gdpr-free-webinar-on-demand/
- Article “5 phases of the EU GDPR Data Protection Impact Assessment” - https://advisera.com/eugdpracademy/knowledgebase/5-phases-of-the-eu-gdpr-data-protection-impact-assessment/
- Document: “Data Protection Impact Assessment Methodology” -https://advisera.com/eugdpracademy/documentation/data-protection-impact-assessment-methodology/;
- Document: “DPIA Register”- https://advisera.com/eugdpracademy/documentation/dpia-register/;

2. The risk mitigation measures derived form a DPIA may greatly vary depending on the processing activity that is subject to the DPIA.
For some examples of mitigation measures derived from a DPIA in CCTV you can access our webinar on “Seven steps of Data Protection Impact Assessment (DPIA) according to EU GDPR” - https://advisera.com/eugdpracademy/webinar/seven-steps-of-data-protection-impact-assessment-dpia-according-to-eu-gdpr-free-webinar-on-demand/

3. For the data mapping there is a specific guidance document in our EU GDPR Toolkit that would most likely shed some light on how to go through the data mapping exercise. You can find the “ Inventory of Processing Activities” here : https://advisera.com/eugdpracademy/documentation/inventory-of-processing-activities/

4. As for other things to add to your CV I would suggest getting acquainted with the EU GDPR provisions and attending our EU GDPR Foundations Course (https://training.advisera.com/se/eu-gdpr-foundations-course//#reviews) and the EU GDPR Data Protection Officer Course https://training.advisera.com/se/eu-gdpr-data-protection-officer-course/#reviews
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 20, 2018

Feb 20, 2018

Suggested Topics

Guest user Created:   Aug 12, 2021 EU GDPR
Replies: 1
0 0

DPIA’s and Clients' data

Guest user Created:   Nov 09, 2020 EU GDPR
Replies: 1
0 0

DPIA

Guest user Created:   Nov 05, 2020 EU GDPR
Replies: 0
0 0

DPIA For Cloud Services