Home page
AARC-G042

AARC-G042 Data Protection Impact Assessment – an initial guide for communities

This report presents the results of the desk study on the evaluation of risks to (personal) data protection as considered in the European General Data Protection Regulation (GDPR), for Infrastructures and their service providers that leverage federated identity management (FIM) to connect research and collaboration users. Specifically, it considers personal data collected as a result of using the infrastructure (not any risks relating to the research data itself, which is a community responsibility) and provides guidance to the Infrastructures concerning Data Protection Impact Assessment (DPIA) in the FIM context. The authors present recommendations to Research Communities for determining the necessity of formal DPIA and guidelines for its execution.
This document does not constitute legal advice in any specific jurisdiction.

Document URLhttps://aarc-project.eu/wp-content/uploads/2018/05/AARC-G042-Data-Protection-Impact-Assessment-initial-guidance-for-communities.pdf
Development informationAARC Project Wiki
Status: Final (30 April 2018)
DOI: assignment deferred
Errata: none
Supersedes: none

aarc-contacts@lists.geant.org

Linkedin Twitter Youtube

© members of the AARC Community. 
The work leading to these results has received funding from the European Union (GAP 101131237) and other sources. The contents of this publication is the sole responsibility of AARC and does not necessarily reflect the opinion of the European Union.