Have you heard about DPIA? There is a chance you needed it yesterday!

2022 12 15
Data protection impact assessment (DPIA) is a documented report on a specific data processing operation. This risk assessment tool is mandatory when data processing operations are “likely to result in a high risk to the rights and freedoms” of individuals. For example, it’s crucial in launching a complex project, such as CCTV surveillance or call recording, when you need to assess the consequences of such planned data processing.
DPIA often requires a lot of human and time resources; however, it helps to comply with legal requirements, demonstrate responsibility, minimize risks and respect fundamental human rights.
WALLESS experts share their insights on what to consider when conducting a DPIA:
• Use the DPIA questionnaire – it will help assess whether DPIA is needed or not;
• Urgent project or not, prepare a DPIA report in the early stages of each project. This will help to ensure privacy by design and by default and to avoid any surprises in the future;
• Include all responsible persons who will work with the project (from data collection to its use for the actual purpose) – their expertise will help to ensure the consistency of this document;
• DPIA must be “alive” and should be continually revisited as the project progresses;
• Always ask DPO’s documented opinion regarding the data processing operation assessed in the DPIA;
• Treat DPIA as a valuable risk management tool, not a time-consuming formal responsibility.
#GDPR #privacy #compliance

WALLESS Weekly Review

Subscribe and receive the summary of the Lithuanian Supreme Court's rulings every week in your inbox. The information is prepared by the WALLESS Arbitration and Dispute Resolution Team.

Please note that review is in Lithuanian.