Close
Determine whether you are required to carry out a Data Protection Impact Assessment (DPIA). A DPIA must be completed before a project, or processing activity begins where personal data is involved.
A DPIA is a structured process used to identify, assess, and mitigate potential data protection and privacy risks associated with a project. It supports compliance with UK GDPR and ensures that appropriate safeguards are built into processing activities from the outset. Further guidance is available in the Data Protection Impact Assessment Overview.
To determine whether you need to complete a DPIA, please complete the screening questions, if you answer 'Yes' to any of these, a DPIA is required and must be completed before proceeding.