EPIF is pleased to share its response to the Article 29 Working Party Guidelines on Data Protection Impact Assessment (DPIA). For EPIF, the central question is what ‘high risk’ means to the regulators and to companies. Companies need legal certainty of how the rules will be applied.