Law firm Bird & Bird outlines a list of processing operations created by the Spanish Data Protection Agency that calls for privacy impact assessments. Article 35 of the EU General Data Protection Regulation briefly explains some operations that need assessments, but the AEPD provides a detailed list of 11 operations. A process that meets two or more points on the AEPD's list is considered to be at risk and in need of a PIA.
Full Story
Comments
If you want to comment on this post, you need to login.