A blog by Michael Murray, ICO’s Head of Regulatory Strategy.
This first blog will explore the Data Protection Impact Assessments (DPIAs) standard.
What is a DPIA and what’s in it for me?
All organisations in the scope of the Children’s Code are obligated to complete a DPIA. So, if you run an online service that’s likely to be accessed by children, you must complete one. Not only is undertaking a DPIA one of the standards laid out in the Children’s Code, it is also a key part of organisations’ accountability obligations under the UK GDPR.
A DPIA is a process to help you assess and mitigate the data protection risks of your service to the rights of children who are likely to access it. DPIAs are a powerful tool used from concept stage to deployment and beyond.
Read more on the ICO’s web site.