Data Protection Impact Assessments

The Information Commissioners Office and Data Security and Protection Toolkit have identified Data Protection Impact Assessments as a key tool in addressing confidentiality and privacy concerns.   

A Data Protection Impact Assessment is a process to help identify and minimise the data protection risks of a project.  Data Protection Impact Assessments are an essential part of our accountability obligations. Conducting a Data Protection Impact Assessments is a legal requirement for any type of processing, including certain specified types of processing that are likely to result in a high risk to the rights and freedoms of individuals. This includes some specified types of processing e.g. special categories of personal data – health data. 

Further information is available on the Information Commissioner's Office website (opens in new window).