A Data Privacy Impact Assessment is required under GDPR, UK-GDPR, Canada PIPEDA, KSA PDPL and most US state privacy laws. It’s also considered best practice for a majority of organizations who may not be technically required to perform them. This download kit includes a detailed workbook with instructions a 10 point DPIA pre-assessment automatic scorecard, an excel workbook with 30 controls covering 8 assessment areas. We also include essential data mapping visio templates to help with the important personal data mapping requirements of a DPIA.
The requirement for a privacy impact assessment (PIA) or data protection impact assessment (DPIA) was orginally introduced with the General Data Protection Regulation (Art. 35 of the GDPR). This refers to the obligation of the controller to conduct an impact assessment and to document it before starting the intended data processing. It’s also required when major changes or upgrades are made to systems processing personal data.
Subsequent GDPR type regulations such as KSA-PDPL Article 21(2), Canada-PIPEDA 7.4, Australia Privacy Act and most US state laws require a DPIA which means businesses must have a structured way of performing them for personal data processing activities.
Our Exclusive DPIA Workbook kit includes a 10 point graded pre-assessment scorecard to help you before you start the main DPIA work. You are asked 10 questions that relate to DPIA readiness for which your asked to answer and comment on. If you receive 90% we assess that your ready to continue with the main DPIA work.
We include instructions, a detailed change log and 30 assessment controls categorized into 8 different sections to cover GDPR type objectives. We include a Visio data mapping template (required for the DPIA) and a personal data controls template in .vsdx visio ready format to help you visually document your work. We also include a printable DPIA process pdf download to help you implement the PIA more effectively.
Why is the pre-assessment important?
Assessors can sometimes be unprepared or overwhelmed by the scope of work involved in an assessment. These pre-assessment is designed to steer you and grade your readiness before you begin the main work of actually performing the assessment.
Why is the data mapping Visio important? Data mapping is a crucial pre-requisite when performing a DPIA as this visually represents the personal data flows. This has many benefits including, 1) Showing assessors and investigators that you’ve really documented and accounted for personal data in your environment. 2) Forcing stakeholders to think about what data assets they have and where they’re located so they can implement necessary data protection controls and 3) Compliance with a regulations and frameworks which require diagrams.
To supplement the DPIA template, our personal data controls template may help you document your complete environment at a more technical level in an attractive 3d format which is not available anywhere else. It shows encryption controls, data masking controls and others which should be reflected in your documentation.
Visio’s can take time to create, but we’ve done the work for you with a template you can use again and again.
Remember PIA’s are obligatory and failure to perform them can lead to very significant fines, painful investigations, audits, terminations with cause and negative media coverage when negligence and shortcomings are exposed, so, time is of the essence in performing them.
For the price of a basic service of your car why not invest in servicing your company’s security properly.
What is the financial advantage to performing DPIA’s? Implementers can i solate issues faster which means a less costly and simpler solution, and may help you avoid damage to your reputation later on. A DPIA may also minimize the continual costs of a project by reducing how much information you may collect, when possible, and creating more streamlined processes for employees.
What if I’ve a product question, have a problem after purchase or want something changed? Contact us at [email protected] and we will come back to you quickly, that’s part of our support advantage in this crucial area of data protection.
