Data Protection Impact Assessment

DPIA - Data Protection Impact Assessment

The purpose of the Data Protection Impact Assessment is to help to identify, assess and manage the risks inherent in the processing of personal data.

Assess data protection impacts and risks

With the Granite DPIA – Data Protection Impact Assessment tool, you can identify, assess and manage risks inherent in the processing of personal data. With Granite tools, you can assess the data protection impacts when planning the processing of personal data that is likely to pose a high risk to the rights and freedoms of individuals.

Compliant data protection risk management

The Data Protection Impact Assessment focuses on the processing of personal data, the need for processing, proportionality and the risks arising from the processing of personal data.

With Granite, controllers can meet the requirements of data protection legislation, document and demonstrate compliance.

When does the processing of personal data require an impact assessment?

The obligation to carry out an impact assessment arises from:
  • processing situations referred to in the General Data Protection Regulation
  • the inclusion of the processing operation in the list of data protection authorities
  • national legislation

Impact assessment in processing situations specified in the General Data Protection Regulation

An impact assessment must be performed when the planned processing is likely to pose a high risk to the rights and freedoms of individuals. In particular, an impact assessment must be carried out when:
  • the processing of personal data involves the use of new technologies
  • processing on a large scale criminal convictions, offences or specific categories of personal data, such as health data, ethnic origin, political opinions, religious beliefs or sexual orientation
  • the personal characteristics of a person are assessed through automated processing, in a systematic and comprehensive manner, and the assessment leads to decisions that have legal effects or otherwise significantly affect the person
  • a public area is subject to systematic and extensive monitoring

Focus on data protection development and facilitate sustainable risk management work

With the Granite DPIA – Data Protection Impact Assessment tool, you can get a grip on the organisation’s data protection situation
  • A standardised software solution ensures a uniform assessment process
  • Automated reporting and log data enable authentication
  • Describe your personal data processing policy systematically, assess the proportionality and necessity of the processing, as well as the rights of data subjects

Ready for more?

Book a demo call with our experts. 15 minutes is all it takes to learn how you would benefit from our risk management solutions.