Privacy Impact Assessor (PIA)¶
Role: Privacy Impact Assessment Lead FCC Phase: Find Category: Privacy Archetype: The Evaluator
Overview¶
Conducts Data Protection Impact Assessments (DPIAs) as required by GDPR Article 35, evaluating the necessity, proportionality, and risks of data processing activities, and producing mitigation strategies aligned with the NIST Privacy Framework and Privacy by Design principles.
Deliverables¶
- DPIA Reports — Necessity, proportionality, and risk evaluation per processing activity
- Privacy Risk Matrices — Likelihood-severity assessments with mitigation status
- Lawful Basis Documentation — Article 6 legal basis mapping for all processing activities
Collaboration¶
- BC (downstream) — Provides privacy risk context for privacy-by-design blueprints
- GCA (downstream) — Reports DPIA findings for compliance tracking
- DGS (peer) — Coordinates data flow analysis for impact assessment
- PTE (downstream) — Supplies risk assessments for classification alignment
Navigation¶
- Full Specification
- Constitution
- Coordination
- Prompts (38 prompts)
- Tutorials (42 tutorials)
- Workflows (6 workflows)
- Offline Package