Risk, Resilience & Compliance


Data Protection Impact Assessment (DPIA)

Data Protection Impact Assessment (DPIA)

The General Data Protection Regulation (AVG) requires several organizations to appoint a Data Protection Officer (or FG). But what does a Data Protection Officer actually do? Or its advisory colleague, the Privacy Officer? In any case, it is not easy work: an FG needs to know a lot, but also has to make difficult trade-offs and (if the FG role is a part-time role) combine this role with numerous other roles. If that is at all possible, because an FG must be an independent position from the point of view of the AVG.

For this reason, the role of Data Protection Officer or Privacy Officer is also often placed outside the organization. From Highberg, our privacy specialists work as (interim) Data Protection Officers or Privacy Officers. But which type actually suits you? Are you looking for an authority who keeps a straight back? A sparring partner who puts your interests first? Or are you looking for an advisor who helps and builds bridges?

Laura Natrop
Laura Natrop

Get in touch

Placeholder text

Highberg assists organizations in conducting a DPIA. We have developed a practical method that has proven itself in practice. This method complies with the requirements of the GDPR. We systematically visualize privacy risks in collaboration with all relevant stakeholders and swiftly and effectively deliver clear results.


Privacy Podcast

A DPIA & Security in healthcare

The Privacy Impact Assessment is often seen as a complicated and time-consuming activity. But nothing is less true. A DPIA is actually fun. Frank van Vonderen therefore publishes his book, 'Hooray! A DPIA!' to. Sander Vols tells more about the background of the recent data breach at Bureau Jeugdzorg Utrecht. He calls on healthcare organizations to start implementing the new NEN7510.

Related Insights