Data Protection Impact Assessment (DPIA) – 20th Sep ’23
Call scheduled for 2 hours via MS Teams
Presentation will be issued 4 working days in advance
You will need to read the course materials prior to the session, so at the beginning you can highlight any areas that you may be specifically unsure of, or if you have any specific issues/scenarios that you want to discuss. These will be factored into the session.
After the session, time will be spent reflecting and consolidating training learnt into a development plan
Overall training will be 6 hours and a certificate will be issued
Effective Data Protection Impact Assessment training will help you to:
Identify the need
Describe the processing
Consider consultation process
Assess necessity and proportionality
Identify and assess Risk
Identify measures to mitigate risk
Sign off and record outcomes
Integrate outcome into an action plan
Keep under review
DPIAs are a legal requirement for processing that is likely to be high risk. Effective DPIA’s enable you to accomplish greater compliance, financial and reputational benefits, they help organisations to demonstrate their accountability and it builds trust and confidence with individuals.
A DPIA is not a one-off exercise it is an ongoing process.
Article 35(1) says that you must do a DPIA where a type of processing is likely to result in a high risk to the rights and freedoms of individuals
Failure to carry out a DPIA when required may leave your organisation open to enforcement action, including a fine of up to £8.7 million, or 2% global annual turnover if higher.
If you identify a high risk that you cannot mitigate, you must consult the ICO before starting the processing. They will give you written advice 8-14 weeks on whether you can process the data.
Aims of the Course:
To help you identify Privacy Risks and how to keep track of them
To have confidence in compliance with General Data Protection Regulation (GDPR) in relation to Privacy by Design
To understand how to receive and provide information assurance against the DPIAs you are responsible for within your organisation
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.