White Paper DSGVO Impact Assessment and Risk Management

in collaboration with IT lawyer Frank Trautwein


With the entry into force of the GDPR companies are required by law to assess the risks of certain data processing operations themselves.

Specifically, in certain cases, a data protection impact assessment (DSFA) becomes necessary. It describes the procedure involved and evaluates the risk. In addition, the handling of the identified risk must be documented.

As in many aspects of the DSGVO, there are still some ambiguities regarding the DSFA. For example, many authorities have not yet clarified which framework conditions must be met in order for certain data processing operations to require a privacy impact assessment. However, some procedures, such as tracking biometric data or personal characteristics scoring (purchasing power), will be affected in any case and should now be analyzed for their risks.

Our tip: estimate consequences, do not wait for consequences

Conducting a DSFA gives few puzzles. With simple tools and specifications that we present to you in our white paper, privacy impact assessments can be implemented with reasonable effort.

As part of our preparations for the DSGVO, we have dealt with various IT legal experts and developed several whitepapers, webinars and other content. This information is provided to our subscribers free of charge. Please click on "Request download" to activate your access.

GermanEnglish