Abstract

On 25 May 2018, a major new European Union data protection legislation act enters into force – the General Data Protection Regulation. Both the private and public sectors will have to comply with a new obligation in the Regulation – performing a Data Protection Impact Assessment (DPIA). This obligation is important for large, medium and small enterprises on a global level, because of the wide territorial scope of the law. The first part of the article aims to clarify the nature of the DPIA and proposes a definition for it. The second part offers a framework of the ideal steps of a DPIA, which should be taken in order to comply not only with the letter of the law, but also with its spirit.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Algorithmic Impact Assessments under the GDPR: Producing Multi-layered Explanations
Margot E Kaminski ... Gianclaudio Malgieri
SSRN | VOL. -
Margot E Kaminski, et. al.Margot E Kaminski ... Gianclaudio Malgieri
06 Oct 2019
Algorithmic impact assessments under the GDPR: producing multi-layered explanations
Margot E Kaminski ... Gianclaudio Malgieri
International Data Privacy Law | VOL. 11
Margot E Kaminski, et. al.Margot E Kaminski ... Gianclaudio Malgieri
06 Dec 2020
A comparative analysis: health data protection laws in Malaysia, Saudi Arabia and EU General Data Protection Regulation (GDPR)
Jawahitha Sarabdeen ... Mohamed Mazahir Mohamed Ishak
International Journal of Law and Management | VOL. -
Jawahitha Sarabdeen, et. al.Jawahitha Sarabdeen ... Mohamed Mazahir Mohamed Ishak
05 Apr 2024
Data Protection Impact Assessment under the EU General Data Protection Regulation: A feminist reflection
Alessandra Calvi
Computer Law & Security Review: The International Journal of Technology Law and Practice | VOL. 53
Alessandra CalviAlessandra Calvi
23 Mar 2024
View more papers

More From: European Data Protection Law Review

Paper Title
Journal
Date
Author
France and Germany ∙ Amazon Fined by CNIL for Excessive Monitoring of Employees in France – Is the Situation in Germany Contrary to This?
S Braun
European Data Protection Law Review | VOL. 10
S BraunS Braun
01 Jan 2024
CJEU: The Rating of a Natural Person’s Creditworthiness by a Credit Rating Agency Constitutes Profiling and Can Be an Automated Decision under Article 22 GDPR
J Horstmann
European Data Protection Law Review | VOL. 10
J HorstmannJ Horstmann
01 Jan 2024
Data Altruism, Personal Health Data and the Consent Challenge in Scientific Research:
G Chassang ... L Feriol
European Data Protection Law Review | VOL. 10
G Chassang, et. al.G Chassang ... L Feriol
01 Jan 2024
Editorial
B Van Der Sloot
European Data Protection Law Review | VOL. 10
B Van Der SlootB Van Der Sloot
01 Jan 2024
View more papers