- Home
- Governance
- Governing Authority
- Membership of Governing Authority
- Committees of Governing Authority
- Schedule of Meetings of Governing Authority
- Reports to Staff of Governing Body Meetings
- Due Dates for Meeting Documentation
- Regulation on Conduct of Governing Authority Business
- Decisions reserved to Governing Authority
- Code of Conduct for Governing Authority Members
- University Governance
- Statutes & Regulations
- University Companies
- Governing Authority
- Legal & Information Compliance
- Enterprise Risk Management
- Policies
- Contact Us
Data Protection Impact Assessments (DPIA's)
A Data Protection Impact Assessment (DPIA) is a process to help you identify and minimise the data protection risks of a project. You must do a DPIA for processing that is likely to result in a high risk to individuals. This includes some specified types of processing. You can use our screening checklists to help you decide when to do a DPIA. It is also good practice to do a DPIA for any other major project which requires the processing of personal data
A DPIA is the process of systematically considering the potential impact that a project or initiative might have on the privacy of individuals. It allows the University to identify potential privacy issues before they arise, and come up with a way to mitigate them. A DPIA can involve discussions with relevant parties/stakeholders. Ultimately such an assessment may prove invaluable in determining the viability of future projects and initiatives
Where the DPIA indicates that the risks identified in relation to the processing of personal data cannot be fully mitigated, the data controllers (UCC) is required to consult the DPC before engaging in the process
See the Data Protection Impact Assessment Procedure Template for further information
The Data Protection Commissioner has issued detailed guidance on DPIAs: http://gdprandyou.ie/data-protection-impact-assessments-dpia/