data protection impact assessment (dpia)

Data Protection Impact Assessments (DPIA) are an integral part of taking a privacy by design approach. The ICO has issued a code of practice explaining the principles which form the basis for a DPIA and, together with the GDPR Articles (35/36) and the EU Article 29 Working Party (WP29) guidance, state exactly what needs to be included to comply with the regulation.

DPIAs are a tool that can be used to identify and reduce the privacy risks of projects and ensure the concept of Data Protection by Design and by Default is being implemented. A DPIA can reduce the risks of harm to individuals through the misuse of their personal information. It can also help organisations to design more efficient and effective processes for handling personal data. By integrating the core principles of the DPIA process within existing project and risk management policies it is possible to reduce the resources necessary to conduct the assessment. In addition, it can assist spreading awareness of data privacy throughout an organisation.


CRATOR by securestorm

Securestorm's solution enables you to conduct Data Protection Impact Assessments as required under the UK Data Protection Act (1998) as well as the EU General Data Protection Regulation (GDPR). We have implemented the UK Information Commissioners Office (ICO) DPIA methodology within CRATOR to ensure compliance.

Main features:

  • Provide bespoke Policy & procedure documents (pragmatic, relevant and workable)
  • Pre-DPIA screening
  • Online DPIA tool (offline versions are available too)
  • Simplified user journey & data-mapping process
  • Provide review of results provide support, advice and challenge, if required
  • Provide data protection risk advice and guidance regarding solutions
  • Provide compliance monitoring & oversight that processes are being adhered to


Screen Shot 2018-08-15 at 10.09.39.png


Successfully implemented in multiple Public & Private sector organisations, CRATOR - the DPIA Tool by Securestorm is available to help with your GDPR & Data Protection Compliance needs.

To arrange a complimentary DEMO or get additional information on CRATOR tool tailored to your organisation's infrastructure, process and operations please get in touch via or call 0203 8655890 for advice and consultation.