On March 22, 2018, the Information Commissioner Officer (ICO) – the U.K. Data Protection Authority – published a detailed guidance for UK organizations on data protection impact assessments (DPIAs) under the GDPR to help companies identify and minimize the data protection risks of projects.
The content of this detailed guidance is subject to public consultation, which closes on April 13, 2018.
The ICO also published a list of types of processing likely to be high risk and requiring a DPIA. The list, as well as a sample DPIA template is open for consultation until April 13, 2018.
The documents can be used alongside the Guide to the GDPR published by the ICO.
WP29 also published Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679.
The Data Protection Impact Assessments (DPIAs) guidance is available at https://ico.org.uk…
More on DPIAs is available at http://www.technethics.com…
For more information on processing EU citizens’ data, contact Francesca Giannoni-Crystal and Federica Romanelli
Follow us on& Like us on