A DPIA helps support the identification of any potential high risks to data privacy when your organisation is planning new or revising existing processes or functionality, or to design actions to mitigate these risks. It is a useful tool to help organisations to demonstrate their compliance with data protection law. DPIA’s help with implementing Privacy by Design (PbD), as mandated by the GDPR- Art25.
A DPIA should be carried out as early as possible in the development life cycle – preferably at the ‘design’ stage. The DPIA should be completed before any processing of personal data is undertaken (as per the GDPR) and before any key decisions are made that will be difficult or costly to revisit or amend.
Should high risks be identified that cannot be mitigated against, it may be necessary for the Data Controller to consult with the Data Protection Commission prior to proceeding.
Failing to carry out a DPIA correctly or failing to consult the competent Supervisory Authority, where required, will be considered substantial non-compliance.
Watch this on-demand webinar to learn about:
To watch this on-demand webinar, complete the form and we will send you a link to watch a recording of the webinar.