This framework is the latest in Nymity’s ongoing thought-leadership research in accountability. It is a next-generation approach to Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs), called the Accountability PIA Framework. The approach rests on a simple premise: both PIAs and organisational accountability have the same purpose, which is to mitigate privacy risk and address compliance. So why can’t organisational efforts in accountability be leveraged in a PIA? This paper argues that they can and provides a framework for doing so.
The Framework extends the functionality and value of a PIA well beyond the traditional PIA in use today. It delivers:
- benefits to individuals;
- higher assurances that risk is mitigated effectively; and
- if you are subject to GDPR, your Article 30 records of processing activities.
Sections 5, 6, and 7 address GDPR Article 30 (Records of processing activities) and Article 35 (Data protection impact assessments).
Also, this next generation Framework enables PIAs:
- to make better use of resources; and
- to be much more scalable.
Finally, for the business, it:
- enables more processing of personal data; and
- provides evidence of compliance.
In short, the Accountability PIA Framework has better outcomes for both individuals and the organisation. The paper has 7 sections:
- Challenges with the Traditional Approach to PIAs
- The Overlap between Accountability and PIAs
- Accountability PIA Framework
  - Step 1: Benefits to Individuals
  - Step 2: Remediate Risk using Accountability Mechanisms
  - Step 3: Effectiveness Assessments
- The Outcomes: Better Risk Mitigation and Demonstrable Compliance
- Accountability and DPIAs in the GDPR
- Example Article 30 and Article 35 Reports
- The Power of Structured Accountability for GDPR Compliance
Appendix A: Why the Timing is Right for the Next Generation of PIAs: Accountability PIA Framework