A high risk assessment is not a term specifically noted within the data protection regulation. It is a term used within ProvePrivacy to refer to a specific assessment of an activity to determine […]
A record of processing activities (ROPA) is required in order to help demonstrate that an organisation processes personal data in accordance with the data protection principles. It identifies how the […]
Legitimate interest is a lawful basis which to some degree is assumed by an organisation when it does not rely on any other lawful basis. Legitimate interest provides a good […]
An activity is a process, or part of a process which your organisation undertakes to fulfil its objectives, where an activity processes personal data this should be for a legitimate […]
A Data Protection Impact Assessment (DPIA) is a process that is undertaken when you believe that the activity that you are undertaking has the potential to create a high risk […]
There is no clear definition of what ‘large scale’ means, therefore the definition is in some respects open to interpretation. However, if we were to consider large scale we should […]
Whilst it is important that all personal data is protected, there are certain activities or categories of personal data which might present a higher risk to the data subject if […]
Consent is provided by the data subject as a means of granting the organisation permission to carry out a specific processing activity. It provides the greatest level of control to […]
The accountability principle signifies a step change in data protection legislation. This principle requires organisations to be able to demonstrate their adherence to the data protection principles, which in turn […]
In order for personal data to be processed in a transparent manner we must be sure that we have informed the data subject of how their data is processed, the […]
- 1
- 2