Data Protection Impact Assessments (DPIA) are a pivotal part of the Data Protection by Design and Default practice within Information Governance. This session will provide a solid foundation for creating, developing and implementing DPIA’s into your core work practices and allow for greater transparency, accountability and the accurate development of internal systems and processes. Covering the foundations for successful DPIA’s this session will cover, how to write a DPIA, how to carry one out, how to create a template, training of and responsibilities of staff, mitigation of identification of risks and much more.
During this session you will learn about DPIAs, when are they required, who should complete them, who reviews them, who signs them off, mitigating risks, owning risks and demonstrating compliance with the law.
This masterclass will focus on GDPR Article 32 requirements for data controllers and processors to implement technical and organisational measures, this is ‘data privacy by design and default’. Article 32 mandates Data Protection Impact Assessment (DPIAs) certain circumstances.
KEY LEARNING OBJECTIVES
Identifying when a Data Protection Impact Assessment (DPIA) needs to be completed
Completing a DPIA
Identifying the risks and mitigations
Ensuring GDPR Accountability principle
The Role of the regulator (ICO)
