The DPIA
The DPIA is a bitesize assessment of the impact of the most significant, interesting and important-to-know data protection issues. It’s not the full story, just a brisk, 3-minute resumé, collated and condensed especially for busy privacy professionals to ensure you’re aware of what’s happening in our fascinating, dynamic and engaging industry.
The DPIA is delivered on a bi-weekly basis, direct to your inbox. To stay up-to-date on all things data protection, sign up to the DPIA by clicking here.
PREVIOUS MAILINGS
If you would like to take a look at some of the topics previously covered in the DPIA, click on the links below to read some of our historic issues from past months.
| Date | Blog topic | Link |
| 28 Oct 2025 | Pseudonymisation under the GDPR: What the latest EU ruling means for organisations | View |
| 14 Oct 2025 | EU Data Act explained: What it means for connected products, services, and IoT devices | View |
| 30 Sep 2025 | Using AI for DSAR responses: What every organisation should know | View |
| 16 Sep 2025 | AI social engineering attacks: Protect data and stay compliant | View |
| 2 Sep 2025 | AI Impact Assessments: What are they and why do you need one? | View |
| 19 Aug 2025 | Privacy Management Platforms: A practical guide for strengthening privacy operations | View |
| 5 Aug 2025 | CRM data retention: Balancing commercial objectives with GDPR compliance | View |
| 22 Jul 2025 | GDPR compliance in white label banking | View |
| 8 Jul 2025 | How to share data legally for safeguarding | View |
| 24 Jun 2025 | Early overview of the Data (Use and Access) Act 2025 (DUAA) | View |
| 10 Jun 2025 | Clinical trials part 3: GDPR considerations for Informed Consent Forms | View |
| 27 May 2025 | CCTV and GDPR: What organisations get wrong | View |
| 13 May 2025 | Clinical trials part 2: Data protection considerations for vendor Data Processing Agreements | View |
| 29 Apr 2025 | Europrivacy certification: Why your organisation needs it | View |
| 15 Apr 2025 | Clinical trials part 1: Data protection considerations for Clinical Trial Agreements | View |
| 1 Apr 2025 | Rise of the machines: Does AI spell death for human recruiters? | View |
| 18 Mar 2025 | ICO’s guidance on Consent or Pay: What you need to know | View |
| 4 Mar 2025 | Building a privacy office: Key strategies for EU/UK compliance | View |
| 18 Feb 2025 | How to write a clear and compliant Privacy Notice | View |
| 4 Feb 2025 | GDPR DPO requirements: What qualifies as large-scale processing? | View |
| 21 Jan 2025 | Bank due diligence: Data protection checklist for providers | View |
| 7 Jan 2025 | Microsoft Copilot: Privacy concerns and compliance tips for 2025 | View |
| 24 Dec 2024 | Data protection 2024: Key trends and predictions for 2025 | View |
| 10 Dec 2024 | Navigating international data transfers: TIAs vs TRAs | View |
| 26 Nov 2024 | Understanding GDPR territorial scope: Essential compliance guide | View |
| 12 Nov 2024 | How social communication channels impact DSARs | View |
| 29 Oct 2024 | How data protection builds customer trust and loyalty | View |
| 15 Oct 2024 | Compliance with the AI Act Part 4: Essential Strategies | View |
| 1 Oct 2024 | Live facial recognition deployment and data protection compliance | View |
| 17 Sep 2024 | How to choose the right lawful basis for clinical trial data processing | View |
| 3 Sep 2024 | How to apply the GDPR to historic records | View |
| 20 Aug 2024 | Compliance with the AI Act Part 3: Who must comply and what are the obligations? | View |
| 6 Aug 2024 | Understanding data protection liabilities for C-suite executives and senior leaders | View |
| 23 Jul 2024 | Protecting patient data: How to stay CQC compliant | View |
| 9 Jul 2024 | Unveiling dark patterns: Sales tactics and regulatory compliance | View |
| 25 Jun 2024 | Compliance with the AI Act: What you need to know (part 2) | View |
| 11 Jun 2024 | Compliance with the AI Act: What you need to know (part 1) | View |
| 28 May 2024 | Exploring Canadian privacy laws with Ray Pathak | View |
| 14 May 2024 | Quebec’s Law 25: A guide to support compliance | View |
| 30 Apr 2024 | Data protection checklist for mergers and acquisitions | View |
| 16 Apr 2024 | Data protection compliance: Law firm vs outsourced DPO services | View |
| 2 Apr 2024 | How to identify a phishing email: Safeguarding your organisation | View |
| 19 Mar 2024 | What is a DPA and why do you need one? | View |
| 5 Mar 2024 | EDPB Report: Challenges faced by DPOs in Europe | View |
| 20 Feb 2024 | GDPR advice for SaaS companies entering EU & UK markets | View |
| 6 Feb 2024 | Thailand’s PDPA vs EU’s GDPR: A comparative review | View |
| 23 Jan 2024 | International Data Transfers: Explaining EU SCCs, UK Addendum, and UK IDTA | View |
| 9 Jan 2024 | NHS DSPT: A guide to the latest requirements and avoiding common mistakes | View |
| 26 Dec 2023 | Data Protection in 2023: A year in review | View |
| 12 Dec 2023 | Data retention and the GDPR: Best practices for compliance | View |
| 28 Nov 2023 | GDPR Representative: Do you need one? | View |
| 14 Nov 2023 | Lead generation and the GDPR: Are you compliant? | View |
| 31 Oct 2023 | Vendor due diligence & GDPR compliance: 5 practical steps |
View |
| 17 Oct 2023 | Subject Access Request exemptions: When can information be withheld? | View |
| 3 Oct 2023 | What is a DPIA? | View |
| 19 Sep 2023 | EU-US Data Privacy Framework: 3rd time lucky? | View |
| 5 Sep 2023 | Data breach management: 5 tips for an effective response | View |
| 22 Aug 2023 | Standard Contractual Clauses (SCCs) for data transfers | View |
| 8 Aug 2023 | DSAR guidance: Preventing misunderstandings | View |
| 25 Jul 2023 | Challenges and considerations for life sciences | View |
| 11 Jul 2023 | AI and GDPR compliance | View |
| 27 Jun 2023 | Insights from the latest DP Index on the proposed UK data protection bills | View |
| 13 Jun 2023 | 5 lessons learned from 5 years of the GDPR | View |
| 30 May 2023 | Marketing to businesses: What you need to know | View |
| 16 May 2023 | Marketing to private individuals: What you need to know | View |
| 2 May 2023 | Happy 5th Birthday: GDPR (General Data Protection Regulation) | View |
| 18 Apr 2023 | The role of a DPO: Dismissal and conflicts of interests | View |
| 4 Apr 2023 | The DP Index Results: Stability in uncertain times? | View |
| 21 Mar 2023 | An insight into U.S. data protection laws | View |
| 7 Mar 2023 | FOI vs DSAR: What’s the difference? | View |
| 21 Feb 2023 | CJEU Decision: Data subjects have the right to know who has received their personal data | View |
| 7 Feb 2023 | Electronic marketing: Everything you need to know | View |
| 24 Jan 2023 | Charity FAQs: How does GDPR relate to my organisation? | View |
| 10 Jan 2023 | International Data Transfers: What does the UK guidance mean? | View |
| 27 Dec 2022 | Data Protection Index results: A year in review | View |
| 13 Dec 2022 | The Digital Markets Act and GDPR: Considerations for ‘gatekeepers’ | View |
| 29 Nov 2022 | What is the European Health Data Space? | View |
| 15 Nov 2022 | Is outsourcing the solution to data protection compliance during a downturn? | View |
| 1 Nov 2022 | Google Analytics 4 doesn’t have to be scary – here’s what you need to know | View |
| 18 Oct 2022 | Biden signs Executive Order to implement the EU-US data privacy framework | View |
| 4 Oct 2022 | What is Data Protection by Design? | View |
| 20 Sep 2022 | DP Index results: DPOs indicate that a ‘senior responsible individual’ will not be in the best interest of the data subjects | View |
| 6 Sep 2022 | Clinical trials: Ensuring there is no ‘trial and error’ for sponsors when it comes to data protection | View |
| 23 Aug 2022 | The do’s and don’ts of processing biometric data | View |
| 9 Aug 2022 | DBS Checks: how to stay compliant with UK GDPR | View |
| 26 Jul 2022 | Your DSAR questions answered | View |
| 12 Jul 2022 | Future global data protection laws – what can we expect? | View |
| 28 Jun 2022 | DCMS consultation response – greater clarity or mass uncertainty? | View |
| 14 Jun 2022 | Data breaches – prevention is better than cure | View |
| 31 May 2022 | Top 5 DSAR challenges and how to deal with them | View |
| 17 May 2022 | Happy Birthday GDPR: Looking into the future technology and global privacy | View |
| 3 May 2022 | Website cookies – past, present and future | View |
| 19 Apr 2022 | AI and Article 22: The need for meaningful human review | View |
| 5 Apr 2022 | Vendor due diligence – what you need to consider | View |
| 22 Mar 2022 | Bcc Vs Cc – Bulk email practices explained | View |
| 8 Mar 2022 | Discrimination and AI: ensuring fairness in data | View |
| 22 Feb 2022 | Password management – why ‘password’ shouldn’t be your password | View |
| 8 Feb 2022 | How does corporate structure affect GDPR compliance? | View |
| 25 Jan 2022 | AI and the right to an explanation | View |
| 11 Jan 2022 | Can we keep a record of vaccinated employees or customers? | View |
| 29 Dec 2021 | Brexit – a year in review | View |
| 14 Dec 2021 | DPIAs – the DPO Centre ‘how to’ guide | View |
| 30 Nov 2021 | Hiring a Data Protection Officer – internal vs outsourced | View |
| 16 Nov 2021 | DPIAs and AIAs: The AI data controller’s best friends | View |
| 2 Nov 2021 | DCMS Consultation – The five things you need to know | View |
| 19 Oct 2021 | UK Data Protection Index results reveal drop in DPOs’ compliance confidence | View |
| 5 Oct 2021 | Five key considerations for the use of AI | View |
| 21 Sep 2021 | GDPR for marketing – the DPO’s guide 2021 | View |
| 7 Sep 2021 | Third party DSAR portals – good or bad? | View |
| 24 Aug 2021 | Is digital data protection training enough? | View |
| 10 Aug 2021 | The Data Protection Act 2018 – The 7 principles of the GDPR | View |
| 27 Jul 2021 | Data retention – the big privacy headache | View |
| 13 Jul 2021 | The Do’s and Don’ts of monitoring employees using CCTV | View |
| 29 Jun 2021 | The ICO’s Age-appropriate Design Code – 2 months to comply | View |