Privacy Impact Assessments

Does your team understand the difference between a Data Protection Impact Assessment (DPIA) and Privacy Impact Assessment (PIA)? Do you know which to run? And when?

DPSA CAN HELP minimize the confusion.

A properly drafted PIA can be used to meet CPRA and VCDPA requirements and to flag when a full DPIA is needed.

We will design a custom workflow that fits your organization’s needs and helps you determine whether you need a DPIA or a PIA. Our process begins with a Privacy Threshold Assessment (PTA) to determine if there is enough risk (or new risk) to warrant a PIA.

Then, a PIA tailored to your company will evaluate privacy and security requirements across regulations – DPSA’s “smart” assessment questionnaires allow for early exits and will take the team directly into the DPIA, if needed.

DPSA will help you understand risk and provide the actionable recommendations to bring it in line.