What are the Key Stages of Data Protection Impact Assessment?
GDPR Regulation mandates the need for Data Protection Impact Assessment for any data processing activity that may potentially result in a high risk to the data subject’s rights and freedom. The assessment helps identify and fix issues at the early stages of any project, thereby reducing the associated costs and damage to the business. Failure to conduct DPIA can result in non-compliance to the Regulation and also a possibility of a data breach. The Assessment evaluates the risk exposure towards the data processing activities that could impact data subjects.
Narendra Sahoo (PCI QSA, PCI QPA, CISSP, CISA, and CRISC) is the Founder and Director of VISTA InfoSec.