Data Protection Impact Assessments

What is a DPIA?

A Data Protection Impact Assessment (DPIA) is a process to help identify and minimise the data protection risks of a project.

We conduct a DPIA for processing data when it is likely to result in a high risk to individuals. This includes some specified types of processing. We also adopt good practice and do a DPIA for any other major project which requires the processing of personal data.

We create, manage and review our DPIAs through an electronic system called the 'Information Sharing Gateway (ISG)' this helps us to create and link to 'Data Sharing Agreements' which are also managed through the ISG.

We follow local and national guidance.

For further information please see the Information Commissioner’s Office (ICO)

DPIA Register

If you have any queries about DPIAs or would like to view any documents please make a request through the IG Team.