The General Data Protection Regulation created the privacy impact assessment (PIA) or data protection impact assessment (DPIA) instrument (Art. 35 of the GDPR). Before beginning the planned data processing, the controller is required to perform and document an impact assessment. The assessment can be combined with other processing processes.
A tool for identifying and evaluating privacy...