How to navigate the DPIA process if you're on a technical team

One of the hallmarks of getting to yes on a data collaboration agreement is ensuring you and your collaborator meet the privacy and InfoSec requirements of both organisations prior to any data access occurring. Typically, a data privacy impact assessment (DPIA) or a similar review is part of this process.

If you’re a technical team member (such as a researcher, ML Engineer, data scientist, etc.), it’s sometimes difficult to know who to go to, how to translate requirements to legal or privacy counterparts, and what to do to expedite this process.

This topic is here for those who want to share tips and tricks for navigating the DPIA process as a technical team member – share your experiences below!

1 Like

Here is a good starting point with checklists on DPIAs from the ICO, including templates and checklists:

https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/accountability-and-governance/data-protection-impact-assessments/

3 Likes

This is so useful. Thank you!