Data Protection Impact Assessments

With a Data Protection Impact Assessment (DPIA), you ensure that the risks to the rights and to the freedoms of data subjects are minimized and that the processing activity is justified and appropriate for the intended purpose.

In the Default view of a processing activity, you can see whether Aeneis recommends carrying out a Data Protection Impact Assessment (DPIA) in the section Note on the creation of a DPIA.

Aeneis evaluates the following criteria:

  • High overall sensitivity of personal data

  • Transfer of data to a non-EU country according to the rule of 10

  • High risk according to the rule of 10

  • High risk according to threshold check

  • Gross risk assessment of class 4

Related Topics Link IconSee also

Record DPIA

You enter DPIAs via the associated processing activity.

Instructions:

  1. Navigate to a processing activity

  2. Click on

  3. Click on the entry Record DPIA:

  4. Enter data for the DPIA in the form:

  5. Click on Record DPIA

Results:

  • In the Default view of the processing activity, you can see that a Data Protection Impact Assessment has been recorded.

  • The DPIA was created as an object. You can view the DPIA from different perspectives via drop-down views.

    See also: DPIA views

Attach documents

You can subsequently attach a document to the DPIA via the Attach documents transition.