A process to identify and minimise the data protection risks of a project. DPIAs are usually undertaken when introducing new data processing processes, systems, or technologies.