Skip to content

Data protection impact assessment – PIA

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons is applicable since 25 May 2018.

The GDPR is repealing Directive 95/46/EC (General Data Protection Regulation).

According to article 35, a data protection impact assessment becomes mandatory and must be carried out if processing is likely to result in a high risk to the rights and freedoms of natural persons.

A prior risk analysis must necessarily be conducted to determine if a DPIA is necessary.

SYC Consultants has been working for several years on the draft European regulation for the protection of personal data and in particular on DPIA (white paper available). An methodology has been developed in accordance with the recommendations of the french regulator (CNIL).