In an article for the IAPP, Baker Mackenzie Partners Helena Engfeldt and Elisabeth Dehareng write that all organisations should establish and reinforce internal messaging that all data processing activities must be reviewed with a focus on data minimisation. Organisations should consider a threshold assessment for each process, program or product where data privacy and AI considerations are addressed at a high level. Depending on the outcome of an initial assessment, a deeper dive may be required, and activities may need to be restricted by jurisdiction.
The article recommends implementing governance protocols for the entire workforce, understanding the tools and processes organisations use, minimising the processing of sensitive personal information, making sure agreements include all required restrictions, following design and default data minimisation elements outlined by the EDPB guidelines, and ensuring data minimisation compliance is documented as part of an impact and risk assessment (DPIA).
What is this page?
You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.
The Privacy Newsfeed monitors over 300 global publications, of which more than 4,350 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.
