When to perform a Data Protection Impact Assessment?
- Details
- Category: Social Engineering
- Published: Wednesday, 26 April 2017 11:24
The General Data Protection Regulation (Regulation 2016/679) (GDPR) was adopted on 4 April 2017 and will apply from 25 May 2018. Article 35 of Regulation 2016/679 requires data controllers to perform a Data Protection Impact Assessment (DPIA), when the processing is “likely to result in a high risk to the rights and freedoms of natural persons”.
To clarify this new GDPR requirement, the Article 29 Working Party recently released a document with guidelines on DPIAs.
(The Article 29 WP, WP258, 4 April 2017).