In interesting set of reference material, that is regularly coming back in data protection, cybersecurity and information security discussions I lately had with peers and colleagues.
May you can use it too…
Feel free to provide some feedback yourself, if you know additional pointers I should add.
You know where to find me.
2022-04-27 14:00: Added EDPB announcement to references section
2018-12-06: DPIA on Microsoft Office 2016 & 365
Direct download of PDF:
2022-02-22: DPIA on Microsoft Office 365
Press release by Dutch Government:
Publication of DPIA by Dutch Government
2022-02: The Dutch Ministry of Justice and Security requested an analysis of US legislation in relation to the GDPR and Schrems II by GreenburgTraurig.
In a recent article (In French) by ICT journal, the Canton of Zurich published a
Data Protection Impact Assessment (DPIA) for Cloud-Based Health Organizations
- Cloud Computing: Risk Assessment of Lawful Access By Foreign Authorities
- EU SCC Transfer Impact Assessment (TIA)
Data Protection Impact Assessment for the GDPR
Data Protection Impact Assessments: Guidance for Data Controllers Using Microsoft Professional Services
Part 1: Determining whether a DPIA is needed
Part 2: Contents of a DPIA
Download Customizable DPIA document
(more to come, this article will be updated with additional references when necessary)
Other relevant references
EDPB (European Data Protection Board)
Launch of coordinated enforcement on use of cloud by public sector