Der Bayerische Landesbeauftragte für den Datenschutz; Stand: 29.05.2018
Data Protection Impact Assessment Software (PIA-Tool)
From 25 May 2018 a data protection impact assessment (DPIA) will be mandatory for some types of processing. The controller shall - among other things - ensure the completeness of a DPIA. Especially measures, risks and threats must be taken into account adequately. A structured method is therefore essential.
The data protection impact assessment methodology of the French Commission nationale de l'informatique et des libertés (CNIL) (external link) offers extensive documentation and a software tool so that the complete cycle of a DPIA can be carried out and documented with the help of software. The software ("PIA-Tool") enables a complete data protection impact assessment to be carried out, which contains all the necessary criteria for a DPIA. In addition to a German translation, which was supported by our office, the software is also available in other languages.
The tool offers on a user-friendly interface to allow for a simple management of your DPIAs. It clearly unfolds the privacy impact assessment methodology step by step. Several visualization tools offer ways to quickly understand the risks.
Who may use the software?
The software can be used freely by anyone and is licensed under the open source license GPL v3.0 (external link). The software is developed by the French data protection supervisory authority CNIL (external Link) and was translated into German in cooperation with us.
Launched as a beta, the PIA tool will evolve in the forthcoming months to include improvements concerning the workflow and user experience. The current beta version can already be used for carrying out DPIAs.
Here on the CNIL website (external link) you can find additional information about the PIA-Tool. The software available there might not contain the latest German translation.
The PIA-Tool can be downloaded directly from our website for Windows (32/64 bit):
You can find the source code in the GitHub repository https://github.com/kosmas58/pia-app/releases (external link).
Our website also contains a guideline for data protection impact assessments developed by us. When using the PIA-Tool, it is recommended to pay particular attention to this guidline ("Orientierungshilfe zur Datenschutz-Folgenabschätzung", available in German language only).