Data Protection Impact Assessments (DPIAs)
Data Protection Impact Assessments (DPIAs) are required under the General Data Protection Regulation (EU) 2016/679. DPIAs are an integral part of taking a privacy by design approach.
DPIAs are required under the General Data Protection Regulation (EU) 2016/679, where data is being used in a manner that it either is identifiable or there is a risk of an individuals’ identity being revealed.
A DPIA can reduce the risks of harm to individuals through the misuse of their personal information. It can also help us to design more efficient and effective processes for handling personal data.
DPIAs aid us in determining how a particular project, process or system may affect the privacy of the individual, which are designed to enable an assessment prior to new services or new data processing/sharing systems being introduced.
Please see below examples of where the CCGs have undertaken Data Privacy Impact Assessments:-
Shred It - Confidential Data Collection - DPIA
Apex Insight - DPIA
HR Provision - DPIA
SMI health checks in primary care - DPIA
Aptan RESPOND database - DPIA
Familial hypercholesterolemia (FH) Service (Primary Care)
Community MSK Physiotherapy Service
Humber Coast & Vale GP Connect
Administration of GnRH analogues
Familial-hypercholesterolemia (FH) Open Door & Quayside
Electronic Palliative Care Co-ordination System (ePaCCS) in Humber, Coast and Vale
Vasectomy (local scheme)
Skin Cancer (local scheme)
Minor Surgery (local scheme)
Special Allocation Scheme
Familial hypercholesterolemia (FH) patient identification -Beacon Medical
Humber Coast & Vale Diabetes Support