General Data Protection Regulation
Following the Data
Protection Directive of 1995
ePrivacy Directive
of 2002 (cookie law)
Articles
EU Site:
Privacy
by Design
Questions
- What?
- Why?
- Who is affected ?
- Am I a controller?
- Am I a processor?
- What data is included in protection?
- What protection is required?
- What to protect against? What consent is required?
- What are the penalties?
Privacy Impact Assessments
A Privacy
Impact Assessment (PIA), which is required under GDPR for data-intensive
projects, is a living document which must be made accessible to all involved
with a project. It is the process by which you discuss, audit, inventory, and
mitigate the privacy risks inherent in the data you collect and process.
Like all
GDPR documentation, a PIA can be requisitioned by a data protection regulator
in the event of a privacy concern or data breach. Not having a PIA is not an
option.
