O5.7 Implement privacy and data protection impact assessments prior to roll-out

Principles

O5 Ensure data protection during use

Risks

SV3 Weak institutions, RS1 Privacy vulnerability

Life Cycle Stages

L1 Conception and Scoping

Practcies

• Monitor and enforce the requirement for privacy and data protection impact assessments, ensuring they are conducted thoroughly before the roll-out of DPI systems.

• Provide clear guidelines on how these assessments should be performed, ensuring consistency and adherence to best practices.

• Evaluate the results of these assessments and ensure that any identified risks are addressed in accordance with legislative standards before granting approval for the DPI roll-out.