Privacy Impact Assessments

Privacy impact assessments (PIAs) are a tool which can help organisations identify the most effective way to comply with their data protection obligations and meet individuals’ expectations of privacy. An effective PIA will allow organisations to identify and fix problems at an early stage, reducing the associated costs and reputational damage which might otherwise occur. PIAs are an integral part of taking a privacy by design approach, and will be mandatory under the General Data Protection Regulations (GDPR) for processes and technologies that are likely to result in a high risk to the rights of data subjects.

If you have not already done so it would be useful to familiarise yourself with the University’s Data Classification Principles. The University requires a PIA for any new processes or technologies involving restricted or highly restricted data.

Useful documents

Below are links to three documents that you will need if you are planning on undertaking a Privacy Impact Assessment.

Privacy Impact Assessment Screening Questionnaire

Privacy Impact Assessment process

Assessment Template

Further Information

 If you have any queries or require assistance, in the first instance contact Information Assurance Services via email or ext. 7945.

Share this page:

Request Information

To make a Data Subject Access Request, or a Freedom of Information Request, please contact IAS directly.