Open in new tab

GDPR: The Importance of Data Privacy Impact Assessments

Under the GDPR, the more in-depth Data Protection Impact Assessment (DPIA) will be required by businesses to help identify threats to the privacy rights of EU residents.

It's always been wise to conduct a Privacy Impact Assessment (PIA) before any overhaul of your data process; but with the GDPR looming, assessments are about to become. essential. Starting May 25th 2018, conducting data assessments will become an enforced part of any compliance program.

Under the GDPR, the more in-depth Data Protection Impact Assessment (DPIA) will be required by businesses to help identify threats to the privacy rights of EU residents. Why conduct DPIAs?

DPIAs are simply a means to identify data risks to the privacy rights when processing personal data. The GDPR expects businesses to build an effective response to risks that may be revealed during a DPIA. Those responses will often include adding deeper technical controls such as the encryption, pseudonymization, and anonymization of personal data.

Formulating an on-going effort to review data procedures will help businesses build a solid foundation for assessing the risk of data systems and securing the sensitive information they hold. When should DPIAs occur?

An impact assessment should always take place whenever developing a new way to process personal data.


Läs hela artikeln →
www.cbronline.com

Läs nästa artikel

European businesses are readying themselves for a massive shift in data protection rules

Läs nästa: European businesses are readying themselves for a massive shift in data protection rules