With the help of a well-executed Privacy Impact Assessment (PIA) you document which data are going to be collected, why this is needed, how the data are going to be used and shared, and how their security is guaranteed.
When the General Data Protection Regulation (GDPR) comes into effect on the 25th of May 2018, PIAs are mandatory in certain situations.
The ideal moment for a Privacy Impact Assessment is before the start of a new project, for example the development of new software. This decision not only helps you adhere to the Privacy by Design principle, it also gives a clear view of possible risks.
Mapping privacy risks makes them manageable, in software development as well as in big changes to existing systems or mergers.
A PIA isn’t just window dressing that disappears into an office cabinet once it is finished. By repeating the PIA you continuously monitor privacy risks and possible misuse of personal data.
Many organisations have appointed a data protection officer or privacy officer (DPO) to help them comply with European privacy laws. No matter which name you prefer for the job, if you meet the criteria in the GDPR, you must appoint a DPO.
Joining forces to work on new technology, a website or a service is just like a marriage.