Skip to ContentSkip to Navigation
Digital Competence Centre
your one-stop for research IT and data
Digital Competence Centre Privacy & Data Protection GDPR & Research

Data Protection Impact Assessment (DPIA)

The GDPR introduces the Data Protection Impact Assessment (DPIA) as a mandatory requirement for specific cases in which there is likely a high risk to the rights and freedoms of the research participants.

What is a DPIA?

A Data Protection Impact Assessment is a method to build and demonstrate compliance with the GDPR. As the term already reveals, it is an assessment of how a project involving personal data might affect participants. The DPIA also aims to implement proper data protection measures during the project to eliminate or reduce the risks.

The DPIA helps the researcher and the institution to comply with the requirement of data protection by design. Experts on data management, P&S coordinators, and legal advisors will be part of the DPIA team (multi-stakeholders approach).

During the DPIA we will:

  • Map the data privacy risks in the project;
  • Assess the risks involved;
  • Define protection measures to eliminate or mitigate the risks.

More information for support staff

Last modified:10 October 2024 3.15 p.m.