- Volume 3 (2017), Issue 4
- Vol. 3 (2017), No. 4
- >
- Pages 486 - 495
- pp. 486 - 495
Nature and Ideal Steps of the Data Protection Impact Assessment Under the General Data Protection Regulation
On 25 May 2018, a major new European Union data protection legislation act enters into force – the General Data Protection Regulation. Both the private and public sectors will have to comply with a new obligation in the Regulation – performing a Data Protection Impact Assessment (DPIA). This obligation is important for large, medium and small enterprises on a global level, because of the wide territorial scope of the law. The first part of the article aims to clarify the nature of the DPIA and proposes a definition for it. The second part offers a framework of the ideal steps of a DPIA, which should be taken in order to comply not only with the letter of the law, but also with its spirit.