Skip to ContentSkip to Navigation
Digital Competence CentrePart of University of Groningen
Close
Digital Competence Centre
your one-stop for reserach IT and data
Digital Competence Centre Privacy & Data Protection GDPR & Research

Data Protection Impact Assessment (DPIA)

The GDPR introduces the Data Protection Impact Assessment (DPIA) as a mandatory requirement for specific cases in which there is likely a high risk to the rights and freedoms of the research participants.

What is a DPIA?

A Data Protection Impact Assessment is a method to build and demonstrate compliance with the GDPR. As the term already reveals, it is an assessment of how a project involving personal data might affect participants. The DPIA also aims to implement proper data protection measures during the project to eliminate or reduce the risks.

The DPIA helps the researcher and the institution to comply with the requirement of data protection by design. Experts on data management, P&S coordinators, and legal advisors will be part of the DPIA team (multi-stakeholders approach).

During the DPIA we will:

  • Map the data privacy risks in the project;
  • Assess the risks involved;
  • Define protection measures to eliminate or mitigate the risks.
Read the DPIA guide for researchers
What is a DPIA and how to you use it?

More information for support staff

DPIA roles and responsibilities for stakeholders
Last modified:10 October 2024 3.15 p.m.
Functional
Provides basic functions and uses anonymized cookies.
Standard
Provides optimal operation and uses video cookies, among others.
Complete
Provides personalized content and uses marketing cookies.
Set your cookie preferences. Read our privacy and cookie disclaimer for more information.