The Hague | Eindhoven | Zwolle
+31 (0) 70 392 22 09
“Do you need assistance with a Data Protection Impact Assessment?”

Why a DPIA?

A DPIA exposes the privacy risks of new (projects and initiatives) or existing processing of personal data and contributes to the avoidance or reduction of these privacy risks (reducing non-compliance).

An organization must have a schedule that includes the periodic (at least 1x per 3 years) updating of the DPIAs.

Based on a DPIA, it is systematically made clear how likely it is that the privacy of the persons involved whose data is being processed will be harmed, where these risks occur and what consequences they have for them.


What is our approach?

Intake, analysis of the tasks and the identification of risks

In this first step, the general characteristics of the tasks per team are analyzed. Agreements are made about the employees who will be interviewed and about the delivery of relevant documentation

Consulting the key officials

The input of the key officials takes place in this step of the DPIA. During the interviews, questions are asked about the gross risks as shown in the documentation and supplemented with risks appointed by the key officials

Testing the framework of standards and proposing control measures

In order to gain insight into the applicable laws and regulations and especially to determine which requirements arise from this for the object to be investigated, we have created the privacy and security standards framework, against which it will be tested.

Drafting report of findings

The findings are recorded in a report for each DPIA. In the report findings and recommendations are made, aimed at taking the still missing or improving control measures.

We are happy to assist you!

Do you have questions about the DPIA? Do not hesitate to contact us.

Contact us