The Challenge
The EU GDPR states that a Data Protection Impact Assessment (DPIA) is required whenever processing is likely to result in a high risk to the rights and freedoms of individuals.
- a systematic and extensive evaluation of the personal aspects of an individual, including profiling;
- processing of sensitive data on a large scale;
- systematic monitoring of public areas on a large scale.
Many organisations do not have the internal expertise to carry out successful DPIA’s that conform to the requirements of GDPR. BH Consulting have extensive experience of carrying out productive DPIA’s for public and private sector clients in a timely manner.
The Service
A Data Protection Impact Assessment enables clients to understand and manage personal data processing risks and demonstrate accountability (GDPR Article 5(2)).
A DPIA is a process which helps organisations to anticipate and address the likely privacy impact of projects and technologies, to identify privacy related issues, develop solutions, and ensure that such issues are addressed appropriately in a manner consistent with statutory obligations and corporate policies.
BH Consulting follow best practise guidelines for Data Protection Impact Assessments published by ENISA, the UK’s Information Commissioner’s Office, and by the Data Protection Commission in Ireland.
BH Consulting conduct initial data protection impact assessment workshops, to assess the risks associated with a new or existing data processing activity, system, or technology. Additionally, we provide subsequent recommendations on the appropriate controls to mitigate or minimise those risks.
We work on developing an action plan to manage the implementation of the given recommendations. Our experienced consultants also help to establish and document the tailored DPIA process for clients for future internal use.
This service can be carried out remotely.
The Benefits
