Guidelines for Data Protection Impact Assessments under the GDPR
Our Privacy Policy has been updated! The Conference Board uses cookies to improve our website, enhance your experience, and deliver relevant messages and offers about our products. Detailed information on the use of cookies on this site is provided in our cookie policy. For more information on how The Conference Board collects and uses personal data, please visit our privacy policy. By continuing to use this Site or by clicking "ACCEPT", you acknowledge our privacy policy and consent to the use of cookies. 

Guidelines for Data Protection Impact Assessments under the GDPR

Data Protection Impact Assessments (DPIAs) are required by the EU General Data Protection Regulation (GDPR). This paper summarizes the guidance issued by the EDPB to help companies evaluate whether a project is “high risk,” thus trigging the DPIA requirement. Examples of project that do (and do not) require DPIAs is also included. Published November 2018


OTHER RELATED CONTENT

RESEARCH & INSIGHTS

3 Critical Marketing Moves in a Shutdown

3 Critical Marketing Moves in a Shutdown

October 11, 2025 | Newsletters & Alerts

Change Fatigue: The Silent Comms Challenge

Change Fatigue: The Silent Comms Challenge

October 04, 2025 | Newsletters & Alerts

AI Risk Disclosures in the S&P 500: Reputation, Cybersecurity, and Regulation

AI Risk Disclosures in the S&P 500: Reputation, Cybersecurity, and Regulation

October 03, 2025 | Report

Can Agencies Survive AI?

Can Agencies Survive AI?

September 27, 2025 | Newsletters & Alerts

WEBCASTS

CONFERENCES & EVENTS

Executive Compensation Event

Executive Compensation Event

September 24 - 25, 2026

2026 Corporate Citizenship Summit

2026 Corporate Citizenship Summit

April 23 - 24, 2026 | (New York, NY)
2026 Corporate Communications Event

2026 Corporate Communications Event

March 05 - 06, 2026 | (Brooklyn, NY)

COUNCILS

PODCASTS

PRESS RELEASES & IN THE NEWS