Privacy Impact Assessment

Privacy Impact Assessment

A training course addressing these issues:

A Privacy Impact Assessment is an important risk assessment process required by the General Data Protection Regulation.

Why is it important? It allows the companies to evaluate the risks, which they face with, to discover the strength and weaknesses of the organisation, to investigate the weak points, to take appropriate measures for improving the privacy protection of the individual's data.

Privacy Impact Assessment helps the company to prevent and avoid the damages of possible data breaches and data losses.

Privacy Impact Assessment is an important element in improving the data protection system of the company, which helps to meet the GDPR requirements, to prevent the risks and to avoid the fines.

This module is part of the EDMworks Data Management Agenda for Privacy

Completion of the course will provide the delegate with:

- An understanding the importance of Privacy Impact Assessments

- Discovery of the privacy by design approach

- An understanding of the benefits of Privacy Impact Assessment for individuals and companies

- An approach to evaluating the risks which the business faces

- An approach to deciding when Privacy Impact Assessments should be done

- Defining the organisation to control the Privacy Impact Assessment

- The stages of PIA and how to incorporate them into their business

- Team responsibilities for conducting PIA

The course is structured into the following components:

The course is segmented into two modules. The contents of the modules are described in the course contents.

The course consists of:

- A one day seminar/workshop, highly interactive with case study exercises and feedback

- An eLearning self-paced module on the General Data Protection Regulation to provide background on GDPR and managing data about people

Duration and timing

The workshop is a full day from 9-5pm.

The eLearning module has an approximate duration of 1 hour.

On-line certification

The workshop has a certificate of completion.

The eLearning module has an optional certification test.


On the eLearning modules there are self-assessments in each module that you can take as many times as you like.

This is confidential and does not form part of your test score.

On successful completion, a certificate is issued and an on-line record of achievement is maintained in our register

Global availability

The course modules and certification test are globally available without restriction.

They can be accessed 24/7.


The cost of the course for one delegate is GBP 650 includes the workshop and two eLearning courses (approx value GBP 200.00) (plus VAT where applicable). 


When making payment you will be presented with several different PayPal options. Please choose the right one for you. If you have any queries, please contact us at


If you would like to pay against an invoice then please email us with Purchase Order details at

Corporate Rates

If you are interested in making a bulk corporate order, please email for more information.

This provides the delegate with:

- The workshop and eLearning Courses

- A recognised certificate

- Entries in the EDMworks Register

- The option to make this record public for job requirements

Course Contents

The regulatory framework (supplementary eLearning)

- Scope, objectives, principles and rights

- Obligations, roles and accountabilities

- Transfers and contracts

- Liabilities and penalties

- Privacy by design and default

- Privacy Impact Assessments

- Breach Incident Management

- Self regulatory aspects and liaison with supervisors

- Examples of other self-regulatory regulations

Where is the data we are protecting

- Data at the heart. Interaction with process and management

- Data flows and stores

- Data architecture and systems inventory

PIA overview

- Why is PIA needed? Aims of PIA

What is privacy?

- Privacy, informational Privacy

- Privacy by Design and its role in PIA

Benefits of PIA

- Benefits of PIA for individuals and companies

Cases of assessment

- Cases of assessment of the impact of the envisaged processing operations on the protection of personal data

- Special categories of data


- Data Protection Officer

- Supervisory authority

What will the assessment contain?

- Elements of Assessment

Stages of PIA

- PiA Preparation

- PIA Process

- Review and Audit


Last modified: Monday, 26 September 2016, 2:14 PM