Data Protection Impact Assessment (DPIA)

GDPR Article 35 requirement triggered by data processing 'likely to result in a high risk to the rights and freedoms of natural persons.' AI systems processing personal data at scale typically trigger this. The DPIA must precede the processing and document the necessity, proportionality, and mitigation measures.

Framework references

• GDPR Art. 35
• EU AI Act Art. 27 (FRIA cross-reference)

Relevant Responsible AI Studio tools

• /tools/dpa-generator
• /tools/ai-bias-audit

More compliance + audit terms

• AI Bill of Materials (AIBOM) →
• AI Incident →
• Algorithmic Impact Assessment (AIA) →
• Audit Trail →

See the full 80-term glossary →