Data Protection Impact Assessments (DPIAs) 

DPIAs are required under the UK General Data Protection Regulation, where data is being used in a manner that it either is identifiable or there is a risk of an individuals’ identity being revealed. DPIAs are an integral part of taking a privacy by design approach.

A DPIA can reduce the risks of harm to individuals through the misuse of their personal information.  It can also help us to design more efficient and effective processes for handling personal data. 

DPIAs aid us in determining how a particular project, process or system may affect the privacy of the individual, which are designed to enable an assessment prior to new services or new data processing/sharing systems being introduced.

Please see below DPIA summary Log 

DPIA Summary Log 2022-23

Summary Log for previous years are available upon request.  Requests should be made to the CCG Governance Team (NELCCG.GovernanceTeam@nhs.net)