data privacy impact assessment

Spain: List of specific scenarios for mandatory privacy impact assessment finally available

By Andrea BATALLA Article 35.1 of the General Data Protection Regulation (“RGPD”) provides that organisations processing personal data have to carry out privacy impact assessments where processing activities are likely to pose a high risk to the rights and freedoms of individuals. In particular, privacy impact assessments are aimed at identifying the activities that carry …

Spain: List of specific scenarios for mandatory privacy impact assessment finally available Read More »

France: the CNIL publishes its data privacy impact assessment (DPIA) guidelines and a list of processing operations subject to a DPIA

A Data Protection Impact Assessment (DPIA) is one of the key accountability tools introduced by Article 35 of the EU General Data Protection Regulation (GDPR) which provides guidance to  data controllers on how to systematically analyze, identify and minimize the data protection risks of a data processing operation planned which is likely to raise a …

France: the CNIL publishes its data privacy impact assessment (DPIA) guidelines and a list of processing operations subject to a DPIA Read More »