Performing DIPA in companies
Assign topic to the user
Answer:
Regardless of the size of the company you must perform a DPIA if the processing activity is likely to constitute a high risk to the rights and freedoms of the data subjects. If you don’t have any processing activities that would be considered as a high risk then DPIA won't be necessary. However be careful when assessing which processing activities are of high risk. Our EU GDPR implementation toolkit https://advisera.com/eugdpracademy/eu-gdpr-documentation-toolkit/ has a section dedicated to DPIAs and there you can find guidance as well as templates.
Comment as guest or Sign in
Dec 19, 2017