Data Protection and Privacy Impact Assessments
The course can be a half day or all day course; the all day course offers more time to consider practical issues when performing a PIA.
The course content covers the following questions: What is data protection? How does it differ to privacy? How does it differ from security? Why do we have to do a PIA? Practical sessions cover: how PIA relates to risk assessment: how to assess risks, how to quantify them, what countermeasures could be adopted, audit of countermeasures.
Finally, the course covers a privacy law compliance check and how that differs from a data protection compliance check. It addresses the questions How do we know what other laws to consider? Do we do a small-scale PIA or full-scale PIA? Doing a PIA in detail? What records should be kept?