Day

April 5, 2018

05 April 2018

Belgian Privacy Commission Issues Guidance on Data Protection Impact Assessments Under the GDPR

On 28 February 2018, the Belgian Commission for the Protection of Privacy (the “Privacy Commission”) published a recommendation setting out its approach to Data Protection Impact Assessments (“DPIAs”), and in doing so published a “White List” and a “Black List” of processing operations, pursuant to the General Data Protection Regulation (“GDPR”).  Organisations subject to the GDPR are required to assess whether they need to undertake a DPIA when undertaking new processing operations. However under the GDPR, member state data protection authorities:

  • are required to publish a “Black List” of processing operations which are always subject to the requirement to undertake a DPIA; and
  • are permitted to publish a “White List” of processing operations which are not subject to the requirement to undertake a DPIA.

(more…)

EmailShare
XSLT Plugin by BMI Calculator