Data Protection Impact Assessment (DPIA)

An assessment of privacy risks for high-risk data processing.

Definition

A Data Protection Impact Assessment (DPIA) is a process designed to identify and minimize the data protection risks of a project or operation. Under the GDPR, a DPIA is mandatory for processing that is likely to result in a high risk to the rights and freedoms of natural persons. This often applies to employment data processing, especially when it involves large-scale processing of sensitive data, systematic monitoring of employees, or the use of new technologies.