By carrying out the privacy zero measurement, awareness (awareness and awareness) of data and privacy protection within the organization is increased and inventories are carried out that are aimed at documenting the processing carried out under the responsibility of the organization as fully as possible.
When carrying out the privacy zero measurement, we use a generally accepted privacy and security norm framework that is based on relevant national and European laws and regulations. We use a 4-step approach for performing the privacy baseline measurement. The steps are in line with the guide prepared by NOREA.
What is a DPIA?
A Data Protection Impact Assessment (DPIA) is an instrument for mapping out and assessing, in a structured and standardized manner, the effects of new regulations or projects for those involved in the processing of personal data. Using the DPIA, measures can be taken to prevent or reduce these effects for those involved.
When is it mandatory?
A DPIA is only mandatory if data processing is likely to pose a high privacy risk for the people whose data are processed by the company or organization. [This rather wide criterion must be made specific by the company or organization itself.] If it is determined that a DPIA must be performed, processing (personal) data before the DPIA has been completed is not permitted.
A DPIA provides insight into the risks that the processing of personal data brings to those involved, such as customers, clients, patients, etc. It provides insight into the control measures that the company or organization will have to take to mitigate the risks. It is up to the organization itself to implement management and security measures (or to consult the Dutch Personal Data Authority).
Duthler Associates has specialized for more than 20 years in perfoming DPIAs for various kinds of companies and organizations. We regard DPIAs as a special form of research into the quality of data processing and information provision. This expertise is shown by the fact that the chartered accountants and IT auditors of Duthler Associates are co-authors of the NOREA DPIA and the NOREA PCF audit model.