Auditable Impact Assessment

Accountability obligations taken care of.

Why are Data Processing Impact Assessments (DPIAs) so important?

DPIAs (also referred as Privacy Impact Assessments, PIA) are an essential part of your accountability obligations when on the path to compliance. Conducting a DPIA is a legal requirement for any type of data processing in conjunction with  regulatory requirements such as the EU GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018.

A failure to carry out a DPIA (when required) can increase your risk of enforcement action being taken from independent regulatory authorities, such as the UKs ICO (Information Commissioner’s Office), which could be a fine of up to €10 million, or 2% global annual turnover if higher.

Maintaining your DPIAs will also ensure your organisation is continually compliant to privacy laws accountability principle.

Cassie can help you ensure compliance and reduce the risk that is posed by DPIAs.

Privacy by design and DPIAs.

DPIAs are most effective when completed as soon as a project has begun. This approach will allow you to mitigate any challenges that may arise and enable you to implement any improvements as the project develops.

Taking a Privacy-by-Design led approach will allow you to methodically navigate through any potential issues from the beginning to the end of a project’s lifecycle. You will significantly reduce the likelihood of breaching your relevant privacy legislation and therefore reduce the potential negative impact on individuals any breaches could cause.

Another significant benefit of conducting DPIA’s for your organisation is the increased awareness and knowledge of data protection principles that will be promoted throughout all relevant departments.

Full audit trails with Cassie.

Introduce a centralised DPIA process and workflow.

Alongside the identification of processing activities, each time data is being processed, a Data Processing Impact Assessment must be undertaken. You will need to take into consideration that globally there are differing requirements for this process depending on the location. Once this workflow process has been undertaken and agreed within your organisation, the DPIA should be associated with the processing activities.

Cassie will allow you to define the Impact Assessment workflow as required, and then attach that agreed process to the data processing activities throughout the solution, providing you with a full audit trail.

“The Cassie Team have been extremely professional and supportive throughout the project. The migration was part of a much wider programme of work which made it a complicated delivery. Despite these added complexities the Cassie migration was flawlessly managed. The teams support, responsiveness, expertise and helpful attitude meant that I had utter confidence in this part of the programme and the management of the delivery confirmed that I was right to have such confidence.”

Jon Underwood UK Data Programme Manager, LexisNexis

Trusted by.

Cassie software is trusted by and powers many leading enterprises and governments across the globe including: