Data Protection Impact Assessment (DPIA) Summaries for NHS Health Research Authority
What is a data protection impact assessment?
The Data Protection Impact Assessment (DPIA) is a tool which can help organisations identify the most effective way to comply with their data protection obligations and meet individuals’ expectations of privacy. An effective DPIA will allow organisations to identify and fix problems at an early stage, reducing the associated costs and damage to reputation, which might otherwise occur.
To determine if a DPIA is required a privacy screening template is completed using questions based on ICO published guidance. The responses are reviewed by Information Governance and the Information asset Owner / Administrator to determine if a DPIA is required.
If there is no personal data involved, it has been anonymised or there are no high risks then a DPIA will not be undertaken.
Ther information on this page only shows DPIAs completed and signed off by Information governance and the Information Asset Owner.
This are shown in alphabetic order of the project / process name.
Project / Process name Equality and Diversity
Committee member Equality and Diversity declarations monitored to ensure Equality and diversity legislation obligations are being met.
DPO Recommendation / Conclusion
Risks agreed and with Information Asset owner for action as part of the centralisation of the recruitment process