A Data Protection Impact Assessment (DPIA) is a process to help you identify and minimise the data protection risks of a new project, system or process (or changes to existing ones).

You must do a DPIA for processing that is likely to result in a high risk to individuals. This includes some specified types of processing. You can use our DPIA Screening Checklist within the DPIA template to help you decide when a Full DPIA is required.

It is also good practice to do a DPIA for any other major project which requires the processing of personal data.

The Trust's DPIA template is available here.

If you need support when completing the form, please email IG@merseycare.nhs.uk.

Further information is available on the Information Commissioner's Office's website.