A Process for Data Protection Impact Assessment Under the European General Data Protection Regulation

This paper, published by Springer, examines the GDPR's data protection impact assessment provisions in detail and examines ways for their successful implementation. It proposes a process which operationalizes established requirements ensuring the appropriate attention to fundamental rights as warranted by the GDPR, incorporates the legislation’s new requirements and can be adapted to suit the controller’s needs.