How to do a Data Protection Impact Assessment - Act Now

Speaker: Naomi Matthews

Data Protection Impact Assessments are a key aspect of the 'Privacy by Design' requirements under the UK GDPR.

Although 'PIAs' (Privacy Impact Assessments) have been around for a while, there is some confusion over when to complete a DPIA, at what stage and who actually completes them and signs them off?

On this full day workshop, we will go through every aspect of a DPIA. From best practice on designing a template DPIA through to determining 'high risks' and what may or may not require ICO consultation. Through a mixture of content based learning and interactive discussion we'll explore the requirements of a DPIA and analyse a real DPIA.

By the end of this workshop you will have a good understanding of when a DPIA is required, be able to use best practice and resources for creating, embedding and completing a DPIA and acquire the practical skills to do a DPIA from to start to finish, including follow up and audit.

Key Topics

• Data Protection by Design
• Ethics: What is this?
• What is meant by 'Data Protection Impact'?
• What is a DPIA?
• When do you need to complete a DPIA?
• Structure of a DPIA and content
• Who should complete a DPIA?
• Process for completing a DPIA
• Recording and presenting outcomes from a DPIA
• How to do Risk Assessments for a DPIA
• Risks, Controls,Assessments, Feedback
• Who accepts risks from a DPIA?
• Key roles needed in the process of a DPIA
• What can the DPO 'sign off'?