A Data Protection Impact Assessment (DPIA) is one of the most important accountability mechanisms under the General Data Protection Regulation. For AI systems, the DPIA serves as the bridge between abstract regulatory requirements and the concrete risks that machine learning models introduce. This article explains when a DPIA is required for AI systems, what the assessment should cover, and how organizations can build a DPIA process that supports both GDPR compliance and broader AI governance objectives.
What This Means
Article 35 of Regulation (EU) 2016/679 requires data controllers to conduct a DPIA before processing operations that are likely to result in a high risk to the rights and freedoms of natural persons. The European Data Protection Board, continuing the work of the former Article 29 Working Party, has published guidelines that identify nine criteria for determining whether processing is high-risk. AI systems frequently meet multiple criteria simultaneously, making DPIA assessment particularly important for organizations deploying or developing AI.

The nine criteria are: evaluation or scoring; systematic monitoring; sensitive data or data of a highly personal nature; data processed on a large scale; matching or combining datasets; data concerning vulnerable subjects; innovative use or new technological or organizational solutions; processing that prevents data subjects from exercising a right or using a service; and automated decision-making with legal or similar significant effects. A system that uses facial recognition for building access (systematic monitoring, innovative use, sensitive data) may meet three criteria. An AI recruitment tool (evaluation/scoring, large-scale, vulnerable subjects, automated decision-making) may meet four.

The critical point for compliance teams is that the DPIA is not a one-time documentation exercise. It is a living process that must be revisited when the processing changes, when new risks emerge, or when the context of deployment shifts. An AI system trained on US employee data and later deployed in the EU may introduce different risks that require DPIA reassessment. A model updated with new training data may introduce bias that was not present in the original assessment.

For organizations subject to both GDPR and the EU AI Act, the DPIA and the risk management system under Article 9 of the EU AI Act serve related but distinct purposes. The DPIA focuses on risks to data subjects' rights and freedoms. The EU AI Act risk management system focuses on risks to health, safety, and fundamental rights. An AI system that scores job applicants may pose a high risk to the applicant's right to non-discrimination (DPIA concern) and simultaneously be classified as high-risk under Annex III of the EU AI Act. Both assessments are required.
Key Requirements
Systematic and extensive profiling.
AI systems that evaluate personal aspects relating to a natural person — their work performance, economic situation, health, preferences, interests, reliability, behavior, location, or movements — constitute profiling under Article 4(4) GDPR. When this profiling is systematic and extensive, it is a high-risk processing activity that requires a DPIA. This criterion applies to many AI systems used in human resources, financial services, marketing, and healthcare. The EDPB does not provide a fixed numerical threshold for "large-scale." Instead, it considers the number of data subjects, the volume of data, the duration of processing, and the geographical extent. An AI system processing data about thousands of job applicants or millions of consumers may qualify as large-scale. Organizations should not assume that a system is exempt because it processes fewer than a specific number of individuals.
Vulnerable individuals.
AI systems that process data about children, employees, patients, or other vulnerable groups carry heightened risk. A recruitment AI system affects individuals who are in a dependent position relative to the employer. A healthcare AI system affects patients who may be unable to exercise their rights effectively. The DPIA must specifically assess the impact on these vulnerable groups and identify additional safeguards.
Innovative use and new technologies.
AI is explicitly identified as an innovative technology that may require a DPIA. The novelty of AI processing means that risks may not be fully understood at the time of deployment. The DPIA should acknowledge uncertainties, describe how the organization will monitor for emerging risks, and include a plan for reassessment as the technology evolves or as new guidance is published.
Matching or combining datasets.
AI systems that combine data from multiple sources — for example, combining HR records with social media data or credit bureau data with transaction history — create risks that do not exist in isolation. The DPIA must assess the cumulative effect of combining datasets and evaluate whether the combined data reveals new information about individuals that is more sensitive than any single source.
Necessity and proportionality.
The DPIA must assess whether the processing is necessary and proportionate to the purpose. For AI systems, this is a demanding standard. Organizations must demonstrate that the AI system is the least intrusive means of achieving the stated purpose, that the benefits justify the risks, and that data subjects' interests are not overridden. A DPIA that does not seriously engage with the question of proportionality is unlikely to satisfy regulatory scrutiny.
Practical Steps
Start with a screening questionnaire.
Before conducting a full DPIA, use a screening tool to determine whether the AI system meets any of the high-risk criteria. The EDPB provides a template screening questionnaire. Many supervisory authorities have published their own versions. Adapt the questionnaire to your organization's AI use cases and document the screening results for each system.
Map the data lifecycle.
For each AI system, document every stage of data processing: collection, storage, preparation, training, validation, testing, deployment, inference, and deletion. Identify who has access to the data at each stage, what safeguards are in place, and where the data travels. For AI systems that process personal data, this mapping is essential for both the DPIA and the broader data governance framework.
Assess algorithmic fairness and bias.
The DPIA must address the risk that the AI system produces discriminatory outcomes. This requires examining training data for historical bias, testing model outputs across demographic groups, and identifying mitigation strategies. Document the fairness metrics used, the test results, and any limitations of the testing approach. Be transparent about what the organization does not know.
Engage stakeholders.
Article 35(9) requires consultation with the Data Protection Officer where designated. It also requires, where appropriate, consultation with data subjects or their representatives. For AI systems, consider engaging with affected communities, civil society organizations, and subject matter experts. Their perspectives may reveal risks that the technical team has not considered. Document the consultation process and how feedback was incorporated.
Design mitigation measures.
The DPIA must identify measures to address identified risks. For AI systems, these may include: human-in-the-loop review for high-stakes decisions; regular model retraining and validation; output monitoring and alerting; data minimization and pseudonymization; and clear procedures for handling data subject rights requests. Each measure should be linked to a specific risk and should be proportionate to the severity and likelihood of that risk.
Review and update.
The DPIA should be reviewed at least annually and whenever there is a significant change to the processing. For AI systems, significant changes include model updates, new training data, deployment in a new context, changes to the affected population, or the emergence of new regulatory guidance. Maintain a log of DPIA reviews and the rationale for each update. If the risk profile changes significantly, consider whether a new DPIA is required.
Frequently Asked Questions
When is a DPIA required for an AI system?
A DPIA is required under Article 35 GDPR when processing is likely to result in a high risk to the rights and freedoms of natural persons. The EDPB has identified criteria that commonly apply to AI systems: systematic and extensive evaluation of personal aspects (profiling), large-scale processing of sensitive data, systematic monitoring of publicly accessible areas, and use of new technologies. AI systems for recruitment, credit scoring, health assessment, or criminal risk evaluation typically require a DPIA.
Who is responsible for conducting the DPIA?
The data controller is responsible for conducting the DPIA. If multiple controllers are involved in processing, they may conduct a joint DPIA. Where processors are involved, they must assist the controller. For AI systems, this means the organization deploying the AI system (or deciding to deploy it) bears responsibility, even if the system was developed by a third-party vendor. The DPIA must be completed before processing begins.
What must a DPIA for AI include?
A DPIA must include: a systematic description of the processing and its purposes; an assessment of the necessity and proportionality of the processing; an assessment of risks to the rights and freedoms of data subjects; and the measures envisaged to address those risks, including safeguards, security measures, and mechanisms to ensure protection of personal data. For AI systems, the assessment should specifically address algorithmic bias, model interpretability, data quality, and the rights of affected individuals.
Can a DPIA be reused for similar AI systems?
The EDPB recognizes that organizations may conduct a single DPIA for a set of similar processing operations with similar high risks. However, AI systems are rarely identical in their risk profile. Differences in training data, deployment context, affected population, or decision outcomes may create different risks. Organizations should not reuse a DPIA without verifying that the risk assessment remains accurate for the specific system in question.