Читать книгу Privacy & Data Protection Practitioner Courseware - English - European Institute of Management and Finance (EIMF) - Страница 29

You are a group of three employees of the privacy department of company Alpha. You divide the roles of the data protection officer (DPO) and two employees in charge of privacy tasks.

The board assigns the three of you as the DPIA project group and asks you to perform the following steps of the DPIA. Since this is a heavy workload you divide the steps among the three of you. Each role takes responsibility for preparing two of the steps of the DPIA.

1. make a list of data subjects and stakeholders (internal and external) that you need to consult;

2. assess the necessity and proportionality of the processing;

3. make a list of measures envisaged to demonstrate compliance with the EU GDPR Regulation;

4. assess the risks to the rights and freedoms of data subjects;

5. present the measures envisaged to address the risks;

6. make an overview of the necessary documentation and products.