When a Trust, Academy or school invests in a new product, service or project that requires the handling of personal data, the Data Protection Officer at the Trust, Academy or school should undertake a data protection impact assessment.
A Data Protection Impact Assessment (DPIA) is a process to help you identify and minimise the data protection risks of a project. To complete this assessment the Trust, Academy or school may choose to enlist the help of other people within their own organisation.
CraignDave Ltd is a limited company within the UK and complies with all legal responsibilities under the Data Protection Act 2018, incorporating EU GDPR.
It is not the position of CraignDave Ltd to complete a Trust, Academy or school’s internal paperwork for impact assessments because we should not be judging ourselves, this is often referred to ‘poacher turned gamekeeper’.
All the information required for a Data Protection Officer to complete an impact assessment can be found within our privacy policies.