In our series, Pensions Life Hacks, we provide top tips to help trustees deal with tricky situations. These are based on issues that we have come across in practice and we would like to help you to avoid the pitfalls.
In the fourth edition of our Pensions Life Hacks series, Pensions partner Philip Sutton focuses on Data Protection Impact Assessments (DPIA). A DPIA is a way for data controllers, such as pension trustees, to build and demonstrate compliance with data protection requirements. Under UK GDPR, trustees are required to undertake a DPIA where a type of processing, in particular using new technologies, is likely to result in a high risk to the rights and freedoms of individuals.