DPIA: How to Carry Out One of the Key Principles of Accountability

Sarrat, Jules; Brun, Raphael

doi:10.1007/978-3-030-02547-2_10

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11079))

Included in the following conference series:

Annual Privacy Forum

970 Accesses
1 Citations

Abstract

New projects and initiatives are continuously and increasingly taking place in large organizations. Therefore, privacy teams are legitimately wondering if all these projects need a Data Protection Impact Assessment, and which one need to be supported in priority. And what about other projects? Generally speaking, can these GDPR compliant projects rely on the existing ecosystem? And what to do with processing activities already implemented? Many questions to which we will try to answer in this paper.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
GDPR, article 35: Data Protection Impact Assessment.
2.
Guidelines on data protection impact analysis (DPIA) and how to determine whether the processing is ‘likely to cause a high risk’ for the purposes of Regulation (EU) 2016/679 - WP 248 rev. 01.
3.
https://www.cnil.fr/en/open-source-pia-software-helps-carry-out-data-protection-impact-assesment.

References

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016
Google Scholar
Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is ‘likely to result in a high risk’ for the purposes of Regulation 2016/679 - WP 248 rev. 01
Google Scholar
CNIL Guidelines on DPIA. https://www.cnil.fr/fr/PIA-privacy-impact-assessment
Documentation on CNIL DPIA tool. https://www.cnil.fr/en/open-source-pia-software-helps-carry-out-data-protection-impact-assesment

Download references

Author information

Authors and Affiliations

Wavestone, Tour Franklin: 100 - 101 terrasse Boieldieu, 92042, Paris La Défense, France
Jules Sarrat & Raphael Brun

Authors

Jules Sarrat
View author publications
You can also search for this author in PubMed Google Scholar
Raphael Brun
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jules Sarrat .

Editor information

Editors and Affiliations

Universitat Politècnica de Catalunya, Barcelona, Spain
Manel Medina
ENISA, Maroussi, Greece
Andreas Mitrakas
Goethe University Frankfurt, Frankfurt am Main, Germany
Kai Rannenberg
University of Vienna, Vienna, Austria
Erich Schweighofer
Telefónica, Madrid, Spain
Nikolaos Tsouroulas

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Sarrat, J., Brun, R. (2018). DPIA: How to Carry Out One of the Key Principles of Accountability. In: Medina, M., Mitrakas, A., Rannenberg, K., Schweighofer, E., Tsouroulas, N. (eds) Privacy Technologies and Policy. APF 2018. Lecture Notes in Computer Science(), vol 11079. Springer, Cham. https://doi.org/10.1007/978-3-030-02547-2_10

Download citation

DOI: https://doi.org/10.1007/978-3-030-02547-2_10
Published: 30 December 2018
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02546-5
Online ISBN: 978-3-030-02547-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics