- Title: Focus on: Data Protection Impact Assessments
The GDPR promotes a risk-based approach to data protection. The Data Protection Impact Assessment (DPIA) is a key process in the identification and mitigation of risks to data subjects in processing operations. The DPIA will be a legal requirement, under the GDPR, in respect of certain types of data processing. However, assessing risks is an important element of the Privacy by Design concept and are therefore a useful tool. This guide provides a concise overview of the key principles and practices, with examples and templates.