The General Data Protection Regulation came into force on 25 May 2018 across the European Union and European Economic Area. The Regulation introduced wide-ranging changes to the way businesses handle data they receive from customers and service users. As a result, data protection obligations for companies operating within Europe have become more onerous, and several new legal duties have been introduced.
At Three Graces Legal, we know our clients are keen to ensure they are meeting these obligations and keeping their customers’ information safe. However, it can often be difficult to know the best way to do this. As a qualified GDPR practitioner, we can offer you advice and support on the best way to handle your new obligations and protect both your business and your consumer base.
What is a DPIA?
DPIA stands for Data Protection Impact Assessment. Since the GDPR came into force, businesses have been required to carry these out when conducting high-risk data processing in order to assess and minimise risks. Companies are given a large amount of flexibility on the format of their assessments, but the DPIA must be proportionate to the level of risk involved.
How is risk assessed?
The level of risk involved in data processing is linked to the probability and severity of any impact on individuals. It is good practice to conduct a DPIA for any major project involving the processing of personal data. Enforcement action for carrying out an inadequate DPIA can result in a fine of up to 10 million euros or 2% of global turnover.
How we can help
As a qualified GDPR practitioner, Three Graces Legal can help you create a DPIA system which is scalable to the different processes your business is carrying out, allowing you to meet your obligations without unnecessary trouble or expense. Our expert team can help you understand your risk profile and ensure that you are not caught out.
Contact our Risk Profile and Data Processing Experts in Liverpool, Wirral and Merseyside
Our Data Protection and GDPR experts can help you ensure you are protecting consumers and safeguarding your business from potential liability under the GDPR. Call us today on 0151 659 1070 or complete our online contact form.