Does the GDPR Require PIAs? Answer: Only Sometimes
View the Recording >>>
View the Recording below
Many privacy officers are under the impression that the GDPR requires organisations to conduct PIAs and that doing so will largely meet their GDPR compliance obligations. This is not the case. The GDPR is an accountability-based regulation and requires organisations to demonstrate compliance with all aspects of the GDPR: over 39 Articles require a technical or organisational measure to demonstrate compliance and Article 35 on data protection impact assessments is only one of them. Furthermore, DPIAs are required in only limited circumstances: when the processing is likely to result in a high risk to the rights and freedoms of natural persons.
In this webinar, learn about Nymity’s latest compliance innovation: an expert system that, when subject to GDPR, enables organisations to leverage their existing accountability mechanisms, meet their obligations under Article 30 (Records of processing activities) and, when DPIA-Triggered™, under Article 35 GDPR (Data Protection Impact Assessments). Understand how the burdensome traditional step of lengthy or incomplete questionnaires is avoided and how the solution enables organisations to carry out more data processing activities with the same data, within the boundaries of the law. In addition, you will learn how this solution provides the business a defensible position of evidenced compliance. In this webinar we will review:
- The overlap between accountability and traditional PIA frameworks
- Repurposing Article 30 GDPR to enable Data Protection Impact Assessments under Article 35 GDPR
- The power of automating the Accountability PIA Framework
- Step 1: Benefits to Individuals
- Step 2: Mitigating risk using accountability mechanisms
- Step 3: Effectiveness Assessments
- Accountability PIAs™ under the GDPR
Fill out our form to access our on-demand recording.
Terry McQuay, Nymity President & Founder
Paul Breitbarth, Nymity Director of EU Certification Research and Senior Solutions Advisor and
former Senior International Officer, Dutch DPA
Renard Francois, Global Chief Privacy Officer at General Electric
Enables GDPR compliant projects/processes and produces Records of Processing Activities Data Inventory, regulatory data mapping, PIAs and DPIA reports. Learn more
Enables the rapid deployment of expert accountability mechanisms and helps ensure ongoing compliance without restricting business. Find out more with the Nymity Templates™ – GDPR Add-on.
6 GDPR Solutions
See How Nymity Can Help