A PIA (Privacy Impact Assessment) is required on GDPR and US state privacy laws when data being processed represents a high risk of harm to individuals or when profiling is involved.
As part of the PIA process, companies are required to identify what data is being processed, how it’s use may be minimized, how long it will be retained for, how it will be protected and legal basis for use.
Guide to Performing a Privacy Impact Assessment
Privacy impact assessments are required under GDPR Art.35 and US State privacy laws. Learn the steps required for a PIA and download our template.