Which of the following is TRUE about the Data Protection Impact Assessment (DPIA) process as required under the General Data Protection Regulation (GDPR)?

Which of the following is TRUE about the Data Protection Impact Assessment (DPIA) process as required under the General Data Protection Regulation (GDPR)?
A . The DPIA result must be reported to the corresponding supervisory authority.
B . The DPIA report must be published to demonstrate the transparency of the data processing.
C . The DPIA must include a description of the proposed processing operation and its purpose.
D . The DPIA is required if the processing activity entails risk to the rights and freedoms of an EU individual.

Answer: C

Explanation:

The statement that is true about the Data Protection Impact Assessment (DPIA) process as required under the General Data Protection Regulation (GDPR) is that the DPIA must include a description of the proposed processing operation and its purpose.

According to Article 35(7) of the GDPR, a DPIA shall contain at least:

“a systematic description of the envisaged processing operations and the purposes of the processing”;

“an assessment of the necessity and proportionality of the processing operations in relation to the purposes”;

“an assessment of the risks to the rights and freedoms of data subjects”; “the measures envisaged to address the risks”; “safeguards”, “security measures”;

“mechanisms to ensure the protection of personal data”;

“to demonstrate compliance with this Regulation taking into account the rights and legitimate interests of data subjects and other persons concerned”5

Therefore, a DPIA must include a description of what data processing activities are planned and why they are needed as part of its content. This helps to provide a clear overview of the processing operation and its objectives as well as to assess its necessity and proportionality in relation to its purposes6

Reference: 5: [General Data Protection Regulation (GDPR) C Official Legal Text], Article 35(7); 6: Data protection impact assessments | ICO

Latest CIPM Dumps Valid Version with 90 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments