How the feature helps with Data Protection Impact Assessments
Organisations need to assess any personal data processing that might result in high risk to individuals. Even if you don’t need to undergo a full DPIA, you have to document your screening questionnaire that lead you to that conclusion. Our approach ensures you capture all the processing details, as well as document the risks and the mitigation activities you’ve put in place.
- Pre-defined screening and purpose questionnaires
- Wizard for justifying processing and documenting individual’s rights are protected
- Workflows to get feedback from stakeholders and manage the approval process
- Analyze risks and record mitigation records using automation rules
- Easily run reports for stakeholders and regulators
What is a DPIA?
A data protection impact assessment is a process to systematically identify and reduce the risks related to personal data processing. The DPIA documentation is a blueprint that can be used by the organisation to implement data protection by design on those processing activities.
Article 35 of the GDPR
Article 35 of the GDPR requires that you undertake a Data Protection Impact Assessment (DPIA) for all high risk processing. A DPIA is a means of documenting the measures you’ve put in place to achieve compliance. You should have completed the DPIA prior to undertaking the processing.