Data Protection Impact Assessments in Practice: Experiences from Case Studies

CC BY 4.0 UnportedFriedewald, MichaelSchiering, InaMartin, NicholasHallinan, DaraKatsikas, SokratisLambrinoudakis, CostasCuppens, NoraMylopoulos, JohnKalloniatis, ChristosMeng, WeizhiFurnell, StevenPallas, FrankPohle, JörgSasse, M. AngelaAbie, HabtamuRanise, SilvioVerderame, LucaCambiaso, EnricoVidal, Jorge MaestreMonge, Marco Antonio Sotelo2023-03-032023-03-032022https://oa.tib.eu/renate/handle/123456789/11641http://dx.doi.org/10.34657/10674In the context of the project A Data Protection Impact Assessment (DPIA) Tool for Practical Use in Companies and Public Administration an operationalization for Data Protection Impact Assessments was developed based on the approach of Forum Privatheit. This operationalization was tested and refined during twelve tests with startups, small- and medium sized enterprises, corporations and public bodies. This paper presents the operationalization and summarizes the experience from the tests.enghttps://creativecommons.org/licenses/by/4.0004Data protection goalsData Protection Impact AssessmentGeneral Data Protection RegulationPrivacyRisk managementStandard Data Protection ModelData Protection Impact Assessments in Practice: Experiences from Case StudiesBookPartKonferenzschrift