Performing Impact Assessment (DPIA)
 
About DPIAs
When to conduct a DPIA?
What is a DPIA?
Creating a DPIA
Starting a new DPIA
Reusing a DPIA
Editing a DPIA
Accessing the list of DPIAs
Creating and Assessing Risks for a DPIA
Recommendations and Remediation Actions on DPIAs
Creating recommendations
Creation remediation actions
Validating the DPIA
Final risk level
Final compliance level
Subsequent Actions
Consulting DPIA Reports and Results
Viewing the dashboard of the processing activity
Record of DPIAs
Generating a DPIA document
About DPIAs
When to conduct a DPIA?
If the pre-assessment indicates that the risk is high, you (the DPO or the Privacy team) must conduct a DPIA.
*For more information on pre-assessment see Performing the Pre-Assessment.
When the processing is likely to result in a high risk to the rights and freedoms of the data subjects, a DPIA is mandatory.
What is a DPIA?
A DPIA is a detailed risk assessment.
The DPIA needs to display:
the characteristics of the processing activity
the risks which may have an impact on compliance.
*For more information, see Creating and Assessing Risks for a DPIA.
the remediation actions ensuring the processing activity is under control
Creating a DPIA
Editing a DPIA
When a DPIA has already been created and it is not finalized yet, you can modify it through the Edit DPIA button.
*When finalized, the Edit button is no longer available. You need to start another DPIA. For more information see Starting a new DPIA.
Accessing the list of DPIAs
To access all DPIAs:
*In the navigation bar, select Registers > DPIAs.