Data Protection Impact Assessment (DPIA)

A Data Protection Impact Assessment (DPIA) is a process to help organizations identify and minimize the data protection risks of a project.
GDPR mandates DPIAs for “a type of processing, in particular using new technologies and taking into account the nature, scope, context, and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall, before the processing, assess the impact of the envisaged processing operations on the protection of personal data.”