This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies.

DPIA Summaries

Last updated on 14 Mar 2019

Data Protection Impact Assessment (DPIA) Summaries for NHS Health Research Authority

What is a data protection impact assessment?

The Data Protection Impact Assessment (DPIA) is a tool which can help organisations identify the most effective way to comply with their data protection obligations and meet individuals’ expectations of privacy. An effective DPIA will allow organisations to identify and fix problems at an early stage, reducing the associated costs and damage to reputation, which might otherwise occur.

To determine if a DPIA is required a privacy screening template is completed using questions based on ICO published guidance.  The responses are reviewed by Information Governance and the Information asset Owner / Administrator to determine if a DPIA is required.

If there is no personal data involved, it has been anonymised or there are no high risks then a DPIA will not be undertaken.


Ther information on this page only shows DPIAs completed and signed off by Information governance and the Information Asset Owner.

DPIA Summaries

This are shown in alphabetic order of the project / process name.

Project / Process name Equality and Diversity


Committee member Equality and Diversity declarations monitored to ensure Equality and diversity legislation obligations are being met.

DPO Recommendation / Conclusion

Risks agreed and with Information Asset owner for action as part of the centralisation of the recruitment process


Back to privacy notice