Privacy Impact Assessments

Improve data protection performance by embedding privacy into all policies, procedures & activities. Our Privacy Impact Assessments ( PIA PIAs ) training makes it easy

The GDPR (General Data Protection Regulation) imposes stringent standards for data protection on UK virtually all UK businesses and organisations be they private, public or not for profit. The penalties for breaching the legislation are huge, couple this with the frequency that problems occurred under the previous, relatively light touch legislation, and it is imperative that all businesses and organisations start to focus on privacy by design.

In simple terms privacy needs to be considered at each and every stage of every policy, procedure, practice and project.

Whilst existing data protection policies, procedures and practice should be sufficiently robust to prevent privacy breaches things can and do go wrong, and unfortunately far too often.

Privacy Impact Assessments (PIAs) are a powerful tool that will help you reduce risks, meet the challenges of the latest data protection legislation better and embed privacy be design.

PIAs are a useful tool for assessing the robustness of existing policies but maximum benefit is obtained when they are used when updating or developing new policies, procedures, practice and projects. PIAs support privacy by design – that is to say to ensure privacy and data protection compliance is embedded from the start and compliance with data protection legislation is enhanced.

In the words of the UK Information Commissioner, PIAs are

“A tool that you can use to identify and reduce the privacy risks of your projects. A PIA can reduce the risks of harm to individuals through the misuse of their personal information. It can also help you to design more efficient and effective processes for handling personal data.”

Without a robust PIA, privacy and confidentially issues are often bolted on as an after-thought or even ignored altogether. The penalties for data protection breaches under the GDPR are so great that no UK business or organisation can take the risk of getting things wrong.

Our one-day workshop explains all, It helps you understand what privacy impact assessments are, how they work, the approaches that make them robust and what is needed to make them easy to use.

Delegate Feedback

For Whom
This workshop is suitable for directors, managers, staff and volunteers from business and organisations in all sectors. The day can be tailored to the codes of practice used in the private, public and voluntary sectors and tailored and reconciled with your inhouse policies and procedures.

It is however important that anyone attending the workshop should already have a good working knowledge of the Data Protection Act and The GDPR. Our related one-day workshop on the GDPR and ePrivacy provides the necessary background information for those needing to refresh their knowledge of the latest data protection legislation and good practice.

In a lively interactive workshop, participants focus on: –

  • What is a Privacy Impact Assessment (PIA) ?
  • Definition of Privacy and Intrusion
  • Aim and Purpose of a PIA
  • Benefits of a PIA
  • Information Commissioners Code of Practice for PIAs
  • Key laws relating to Privacy and Intrusion
  • Definition of High Risks to Privacy
  • Impact of High Risks for the Individual/Organisation and Compliance
  • Eight Potential High Risks
  • Nine Different Steps an organisation can take to reduce High Risks
  • The PIA Screening Process
  • The Six Steps after Screening
  • Reconciling the Screening and Six Steps with Data Protection and the GDPR
  • Step by step live case study of a PIA with feedback

A practical PIA toolkit to use back in the workplace after attending the course will be provided to participants as well as other materials.