Data protection impact assessments (“DPIAs”) are a legal requirement for processing of personal data that is likely to result in a high risk to individuals. As our world becomes increasingly data rich and technology saturated, DPIAs are more and more relevant. But organisations often find the task of drafting a DPIA from scratch to be daunting.
Our Masterclass takes participants through the most common scenarios in which DPIAs are required, drawing from the guidance of both the Information Commissioner’s Office and the European Data Protection Board. We explore how to draft a DPIA that can withstand regulator and stakeholder scrutiny, while also considering how to identify efficiencies in what is often a time-consuming process.
We encourage participants to view a DPIA as an investment in accountability and risk management. Building skills in navigating a DPIA effectively can help to demonstrate the reliability of your product or service and give you a competitive edge in the market.
By the end of the session, participants will be better able to:
- Identify where a DPIA is required;
- Craft the assessment in an effective yet pragmatic way
- Engage stakeholders in the process, where this is useful and a good investment of time;
- Calibrate and document risk in a way which is robust;
- Protect their organisation from the legal and reputational risks which can arise in processing of sensitive data, or where new technology is being developed or deployed.