Online lecture: Data protection impact assessment

Content:
The data protection impact assessment (DPIA) is a key instrument of the General Data Protection Regulation (GDPR) and must be carried out if the processing of personal data is likely to result in a high risk to the rights and freedoms of data subjects. This is not only the case in traditional instances, such as video surveillance, but can also be the case when implementing new technologies, such as cloud services. In view of the increasing digitalization in everyday life, companies and public bodies are regularly confronted with the question of whether a DPIA is necessary and how it can be carried out successfully. The presentation provides a practical overview of the legal requirements and methodological steps of a DPIA: from threshold analysis and risk assessment to the determination of suitable remedial measures. In addition, typical practical pitfalls are highlighted and specific recommendations for legally compliant and efficient implementation are given.

Speaker:
Christina Kiefer, LL.M. (Oslo) is a lawyer and Senior Associate in the Digital Business Unit of reuschlaw in Saarbrücken. She advises companies and public institutions on complex issues in the areas of data protection and cyber security as well as IT law. One focus of her work is supporting clients with the introduction of digital products. She is also (co-)author of various specialist publications.