We can do a Privacy Impact Assessment (PIA) for you. Some people, especially in the EU where the GDPR applies, call it a Data Protection Impact Assessment (DPIA). In South Africa, some people call it a POPI Impact Assessment. Whatever you call it, we assess:
- what laws you must comply with,
- the impact the applicable privacy laws or issues will have on your organisation or on a specific activity, process, or application,
- your current privacy practices,
- your current state of your compliance with data protection laws,
- where the biggest impact will be, and
- what you should focus on.
We have studied International trends and best practice regards impact assessments and have conducted many for our clients.
How you benefit from a Privacy Impact Assessment
- Know where the biggest impact will be
- Know where to focus your efforts
- Know the scope of the remedial work that needs to be done and how best to do it
- Reduce your legal compliance workload
You also need to understand which of current business activities involve personal information (PI) and which laws apply to those activities. We do this by conducting a PIA or mapping your activities. Sometimes, we recommend that you do a privacy impact assessment for just one of your activities or processes.
The Scope of an Impact Assessment
The scope varies greatly between clients. It can be done at a high-level or in depth. If you’d like to take a the first step, complete our complimentary high-level POPI Impact Assessment questionnaire.