Where a type of processing, in particular processing using new technologies, is likely to present a high risk to the rights and freedoms of individuals, having regard to its nature, scope, context or purposes, the controller shall conduct an assessment of the impact of the intended processing activities on the protection of personal data prior to the processing.
The assessment includes at least:
A general description of the intended processing operations;
An assessment of the risks to the rights and freedoms of data subjects;
the intended risk reduction measures;
the precautionary and security measures and mechanisms to protect police data and to demonstrate compliance with the provisions of or under this law, while respecting the rights and legitimate interests of data subjects and other persons concerned.
If necessary, the controller shall conduct a review to assess whether the processing is carried out in accordance with the data protection impact assessment, at least when there is a change in the risk posed by the processing operations.
Regulations based on this article (delegated regulations)
No
Policies and circulars that have this article as legal authority
No
Articles or similar text referring to this article
Regulation WPG Defense
article: 2.1, 3
Law on use of passenger data to combat terrorist and serious crimes
Article: 17
Police Data Act
article: 33b, 35c, 36c, 36
Money Laundering and Terrorist Financing Prevention Act
section: 14
(01-01-2020)
|
Effective date |
Retroactivity |
Subject |
Signature |
Announcement |
Chamber documents |
Signature |
Announcement |
Note |
|
new |
2018 |
2018 |
||||||
