Mark Weston, Data Protection Officer and Compliance Manager at iovation explains the concept of a privacy impact assessment.

“What is a privacy impact assessment?

It’s a way for an organization to understand the nature of the data that it’s processing and the way that data is being used and how it impacts and impedes individual privacy, which, after all, is a human right in the European Union. It’s about understanding who the data subject is, the categories of data that you’ve collected, how you intend to use that data, who ultimately will be the recipients of that data, how long you will keep that data for and whether you have assigned a time for that data to live – what does your retention policy look like?

It also revolves around cookie consent and collection. Do you have the appropriate consent in place? Have you got the cookie banners? Does it interact appropriately with the European Cookie Directive and the soon to arrive European Cookie regulation?”

For more information, check out other GDPR resources: GDPR compliance, GDPR overview, GDPR checklist.