Guides
Start typing to search…

Complete a Data Protection Impact Assessment (DPIA)

📘

DPIA Info

🚧

This is an annual requirement under GDPR.

Steps

  1. Complete your Initial GDPR Compliance Setup
  2. Complete your Data Protection Impact Assessment (DPIA)

Complete your Initial GDPR Compliance Setup

The DPIA documents the current state of your Organization's GDPR Compliance setup. Your answers to the Assessment questions will be vastly different before and after going through the initial GDPR Compliance Setup steps. Therefore, our suggestion is to start by going through your initial GDPR Compliance setup before completing your organization's DPIA.

Steps:

  1. (Not Covered) Assign a Data Protection Officer (DPO)
  2. (Partially Covered) Setup Data Inventory & Mapping
  3. (Not Covered) Record of Processing Activities (ROPA)
  4. (Not Covered) Consent & Cookie Management
  5. Vendor Management
    1. Send Data Processing Agreements (DPAs)
    2. Send Vendor Risk Questionnaires
  6. Create Policies & Procedures
  7. Privacy Center Implementation
  8. Invite your Team and Assign Training, Policy & Procedure Attestation, and Incident Reporting Acknowledgement
  9. Complete a Data Protection Impact Assessment (DPIA)

Complete your Data Protection Impact Assessment (DPIA)

From the Dashboard, Select Compliance in the left sidebar > Select Assessments

Select New Assessment > Select Data Protection Impact Assessment

Select Start

📘

Tip! This Assessment does not need to be completed in one sitting. Your progress will be saved!

Select Start Assessment

📘

Note: This is not a Pass/Fail test. The DPIA's purpose is to document current setup.

Answer each Question > Select Next

📘

Tip! This DPIA is from EU – Accountable did not write these questions. Some of the questions are vague. Answer each question to the best of your ability!

👍

Pro Tip! Your answers to many of these questions can be found in your Required Policies and Procedures. Our best practice is to copy & paste excerpts from your published P&Ps, and adding context as needed

Once you complete each section of the Assessment, Review your Answers > Select Continue Assessment

  • If you would like to edit a response, Select the Question
👍

Congratulations! You are one step closer to being GDPR compliant.

📘

REMINDER: This is a recurring element of GDPR Compliance. You need to complete a Data Protection Impact Assessment for your organization every 12 months.

Updated 3 days ago