Abstract
On 25 May 2018, a major new European Union data protection legislation act enters into force – the General Data Protection Regulation. Both the private and public sectors will have to comply with a new obligation in the Regulation – performing a Data Protection Impact Assessment (DPIA). This obligation is important for large, medium and small enterprises on a global level, because of the wide territorial scope of the law. The first part of the article aims to clarify the nature of the DPIA and proposes a definition for it. The second part offers a framework of the ideal steps of a DPIA, which should be taken in order to comply not only with the letter of the law, but also with its spirit.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have