White Paper DSGVO Impact Assessment and Risk Management

in collaboration with IT lawyer Frank Trautwein

With the entry into force of the GDPR companies are required by law to assess the risks of certain data processing operations themselves.

Specifically, in certain cases, a data protection impact assessment (DSFA) becomes necessary. It describes the procedure involved and evaluates the risk. In addition, the handling of the identified risk must be documented.

As in many aspects of the DSGVO, there are still some ambiguities regarding the DSFA. For example, many authorities have not yet clarified which framework conditions must be met in order for certain data processing operations to require a privacy impact assessment. However, some procedures, such as tracking biometric data or personal characteristics scoring (purchasing power), will be affected in any case and should now be analyzed for their risks.

Our tip: estimate consequences, do not wait for consequences

Conducting a DSFA gives few puzzles. With simple tools and specifications that we present to you in our white paper, privacy impact assessments can be implemented with reasonable effort.

As part of our preparations for the GDPR, we discussed with various IT legal experts and developed several white papers, webinars and other content. We make this information available to our subscribers free of charge. Please click on "Request download" to activate your access.

Request download