"/ >

PAe - AEPD publishes a model of report to assist public administrations to conduct evaluations impact on data protection
the accesskey _ mod _ content

La AEPD publica un modelo de informe para ayudar a las Administraciones Públicas a realizar evaluaciones impacto en la protección de datos

12 July 2019

Collects all aspects that must be taken into account by the AAPP to produce a report of impact assessment (EIPD), complementing the practical guide published by the agency

The Spanish Agency of data protection (AEPD) has published a Modelo de informe de Evaluación de Impacto en la Protección de Datos (EIPD) addressed to Public Administrations in order to facilitate the implementation of these assessments and developed from the Practical guide for impact assessments in data protection (Opens in new window) published by the AEPD. The model has been developed in collaboration with the ministry of work, Migrations and Social security and the centre of information security of the Computer Management of Social security.

Among the obligations that the General regulation of data protection (RGPD) obliges controllers is the need to assess the impact of treatment activities in data protection when it is likely that such treatment may lead to a high risk for the rights and freedoms of individuals.

The model collects all aspects that must be taken into account to produce a report of impact assessment, among which is the description of treatment, the legal basis which justifies, analyses of treatment, the obligation to make a EIPD or performance, as well as measures to reduce the risk, an action plan and a paragraph of findings and recommendations.

While this model is not directed at responsible make data treatments low risk, where it is not mandatory to make an impact assessment can be assessed the possibility of carrying out this analysis with other purposes, such as an in-depth study treatment; improve the overall management of processes of an organization; generate knowledge and culture of data protection, or take responsibility proactive.

Original source of the news (Opens in new window)

  • Administrative cooperation
General access point
General access point