DPIAs are important tools for accountability, as they help controllers not only to comply with requirements of the GDPR, but also to demonstrate that appropriate measures have been taken to ensure compliance.
When you develop applications, tools or platforms that process personal data, and such processing is likely to result in a high risk to individuals, privacy laws require you to perform a Data Protection Impact Assessment (“DPIA”).
In the context of a DPIA, you must:
For many organisations, this is a tedious task, as a DPIA:
Pitch provides for a unique blend of services and SaaS software that assists software developers in conceiving and developing GDPR compliant applications. Developers working with us praise our hands-on approach that is directed towards achieving their goals, without putting in place “compliance roadblocks”.
Our DPIA proprietary DPIA application allows them to test whether and – if so – to which extent a certain data processing activity poses an increased risk from a data protection perspective. This way, software developers can create scenarios in order to assess their data protection / privacy compliance before they actually start with the development. In addition, our DPIA tool provides for suggestions on how this risk can be managed better, and which controls can be put in place to mitigate any residual risks.
Software development is one of the key areas where we implement our “technology-enabled” approach: providing legal assistance to software developers whilst providing them with tools that allow them to make data protection-focused self assessments in the development process.
Having been involved in the development of various IT systems, tools and applications ourselves, we are well aware of the ins and outs that organisations face in this regard. Which makes us the “to go to” party when it comes down to spending time on a whiteboard before development starts, in view to avoid fixing issues afterwards. Fixing things afterwards slows down the launch of your systems, increases costs and cause friction between the various stakeholders involved.