A PIA (Privacy Impact Assessment or Data Protection Impact Assessment – DPIA) aims at building and demonstrating compliance to the General Data Protection Regulation (GDPR) principles.
To assist in this process and take into account all GDPR requirements, CNIL has updated its “PIA Guides” as well as its PIA tool. The method is consistent with the WP29 Guidelines and with risk management international standards.
The report provides an overview of how organizations can operationalize data ethics. It also discusses requirements and challenges with acquiring data access for scientific research, and how this could be done with due regard and protection of privacy.
These guidelines are designed to support educational researchers in conducting research to the highest ethical standards in whatever context it is needed. They are not rules and regulations but do represent the tenets of best ethical practice.