Data Protection Impact Assessment
A Data Protection Impact Assessment (DPIA) helps the Trust to identify, assess and mitigate any potential privacy risks that may arise when processing personal data. DPIAs are now a mandatory requirement for any changes to current data processing practices, the launch of a new project or the adoption of a new practice or system which involves personal data.
All completed DPIAs are submitted to the Information Assurance Group for review and approval. The membership includes the Senior Information Risk Owner (SIRO), the Data Protection Officer (DPO) and the Caldicott Guardian (CG).
In the additional documents at the bottom of this page you will find the DPIAs undertaken by the Trust each year.
A full version these documents can be obtained via a Freedom of Information (FOI) request. Please see the menu option on the previous page.