Data Protection Impact Assessments How do we carry
- Slides: 31
Data Protection Impact Assessments How do we carry out a DPIA? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Guide to the GDPR DPIA Awareness checklist DPIA Screening checklist DPIA Process checklist Data Protection Practitioners’ Conference 2018 #DPPC 2018
1: Identify need for a DPIA 9: Keep under review 2: Describe the processing 8: Integrate outcomes into plan 3: Consider consultation 7: Sign off and record outcomes 4: Assess necessity and proportionality 6: Identify measures to mitigate risk Data Protection Practitioners’ Conference 2018 5: Identify and assess risks #DPPC 2018
Describe the processing: Purpose of the processing What do you want to achieve? What are the benefits – to you and more broadly? What is the intended effect on individuals? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Describe the processing: Context of the processing What is your relationship with the individuals? Would they expect you to do this? might they object? Is this novel? Are there any concerns you are aware of? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Describe the processing: of the processing Scope How much data will you collect and use, and how often? Is it special category or criminal offence data, how long will you keep it? How many individuals does it relate to, over how large an area? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Describe the processing: Nature of the processing How will you collect, use, store and delete data? What is the source of the data? Will you be sharing data with anyone? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Want to ask us a question? Go to slido. com/#DPPC 2018/DPIA Data Protection Practitioners’ Conference 2018 #DPPC 2018
1: Identify need for a DPIA 9: Keep under review 2: Describe the processing 8: Integrate outcomes into plan 3: Consider consultation 7: Sign off and record outcomes 4: Assess necessity and proportionality 6: Identify measures to mitigate risk Data Protection Practitioners’ Conference 2018 5: Identify and assess risks #DPPC 2018
Consider consultation Are you consulting with individuals or their representatives? If not, have you documented why? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Consider consultation Have you consulted with relevant internal stakeholders? Have you considered getting external advice? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Why not get involved? Go to slido. com/#DPPC 2018/DPIA Data Protection Practitioners’ Conference 2018 #DPPC 2018
1: Identify need for a DPIA 9: Keep under review 2: Describe the processing 8: Integrate outcomes into plan 3: Consider consultation 7: Sign off and record outcomes 4: Assess necessity and proportionality 6: Identify measures to mitigate risk Data Protection Practitioners’ Conference 2018 5: Identify and assess risks #DPPC 2018
Necessity and proportionality Can you identify a valid lawful basis? Does your processing actually achieve your purpose? Is there a less intrusive way of reaching the same outcome? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Necessity and proportionality How will you prevent function creep? How will you ensure data quality? How will you ensure data minimisation? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Necessity and proportionality What information will you give individuals? How will you help to support their rights? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Necessity and proportionality What measures do you take to ensure processors comply? How do you safeguard any international transfers? Data Protection Practitioners’ Conference 2018 #DPPC 2018
DPIA consultation- closes Friday Tell us your thoughts @ ico. org. uk Data Protection Practitioners’ Conference 2018 #DPPC 2018
1: Identify need for a DPIA 9: Keep under review 2: Describe the processing 8: Integrate outcomes into plan 3: Consider consultation 7: Sign off and record outcomes 4: Assess necessity and proportionality 6: Identify measures to mitigate risk Data Protection Practitioners’ Conference 2018 5: Identify and assess risks #DPPC 2018
Identify risks What’s the potential impact? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Recital 77 “The risk to the rights and freedoms of natural persons, of varying likelihood and severity, may result from data processing which could lead to physical, material or nonmaterial damage, in particular: where the processing may give rise to discrimination, identity theft or fraud, financial loss, damage to the reputation, loss of confidentiality of personal data protected by professional secrecy, unauthorised reversal of pseudonymisation, or any other significant economic or social disadvantage; where data subjects might be deprived of their rights and freedoms or prevented from exercising control over their personal data…”. Data Protection Practitioners’ Conference 2018 #DPPC 2018
Data Protection Practitioners’ Conference 2018 #DPPC 2018
Why not get involved? Go to slido. com/#DPPC 2018/DPIA Data Protection Practitioners’ Conference 2018 #DPPC 2018
1: Identify need for a DPIA 9: Keep under review 2: Describe the processing 8: Integrate outcomes into plan 3: Consider consultation 7: Sign off and record outcomes 4: Assess necessity and proportionality 6: Identify measures to mitigate risk Data Protection Practitioners’ Conference 2018 5: Identify and assess risks #DPPC 2018
Identify measures Risk mitigation Ask your DPO for advice Data Protection Practitioners’ Conference 2018 #DPPC 2018
DPIA consultation- closes Friday Tell us your thoughts @ ico. org. uk Data Protection Practitioners’ Conference 2018 #DPPC 2018
DPIA sign-off What is the outcome? What is your level of residual risk? Data Protection Practitioners’ Conference 2018 #DPPC 2018
Data Protection Practitioners’ Conference 2018 #DPPC 2018
Tell us what you think Go to slido. com/#DPPC 2018/DPIA Data Protection Practitioners’ Conference 2018 #DPPC 2018
DPIA consultation- closes Friday Tell us your thoughts @ ico. org. uk Data Protection Practitioners’ Conference 2018 #DPPC 2018
Guide to the GDPR DPIA Awareness checklist DPIA Screening checklist DPIA Process checklist Data Protection Practitioners’ Conference 2018 #DPPC 2018
- General revision of assessments and property classification
- Performance assessments examples
- Premarital tests or assessments
- Common formative assessment examples
- Performance rubrics criteria
- Mlpp assessments
- 6 assessments for dols
- Irip nebraska
- Informal reading assessment
- Eccentric viewing techniques occupational therapy
- Elpac performance level
- Cte technical skills assessments.azed.gov/student
- Creative arts grade 7 programme of assessment
- What does olivia mean
- Definition authentic assessment
- Formal and informal assessment
- Characteristics of psychological test
- Perceptive reading examples
- Physical education assessments examples
- Apm testing florida
- Sat subscores
- Lausd interim assessments
- Staar interim assessments 2019-2020
- Formative placement diagnostic and summative evaluation
- Writing analytical assessments in social work
- Vdoe algebra readiness formative assessments
- Assessment activities for informative
- Incas assessment
- Physical fitness grade 9
- Florida assessments for instruction in reading
- Ddi assessments
- Aimsweb math benchmarks