# O5.1 Implement privacy and data protection impact assessments prior roll-out {% tabs %} {% tab title="Risk" %} [SV2 Weak rule of law](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/risks) [RS1 Privacy Vulnerability ](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/risks/risks-to-safety) {% endtab %} {% tab title="Life Cycle Stage" %} [L1 Conception and Scoping ](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/life-cycle-stages) {% endtab %} {% tab title="Principle" %} [O5 Ensure data protection during use](https://safedpi.gitbook.io/safeguards/universal-dpi-safeguards-framework/principles/operational-principles/o5-ensure-data-protection-during-use) {% endtab %} {% endtabs %} ## Practices > * Run comprehensive assessments to identify privacy and data protection needs for different users. > * Ensure legal framework are in place before roll-out of DPI. ## Resources


	Case Study	Coming soon..
	References	GDPR, Risk Management Framework (RMF) of NIST