EU General Data Protection Regulation (GDPR): An Implementation and Compliance Guide by IT Governance Privacy Team

CHAPTER 5: REQUIREMENTS FOR DATA PROTECTION IMPACT ASSESSMENTS

The data protection impact assessment (DPIA) is one of the specific processes mandated by the GDPR. Many organisations will be required to conduct DPIAs and, in many instances, an organisation may find it a valuable process even when a DPIA is not required by the Regulation.

DPIAs are used to identify specific risks to personal data that arise from processing activities. The significance of their role in a PIMS is comparable to that of the information security risk assessments required by ISO/IEC 27001 and described in ISO/IEC 27005 (see Chapter 6). DPIAs have a greater focus on data protection and privacy, so a more focused model is valuable. The Regulation ...
