DPIA for AI tools: when it's required and how to do it
A DPIA is mandatory when AI tools process personal data at high risk. Learn when the obligation applies and how to complete one step by step.
A DPIA — Data Protection Impact Assessment — is a mandatory risk analysis under the GDPR that you conduct before processing personal data in a way likely to result in high risk to individuals. For AI tools, that threshold is almost always met. Here is what a DPIA involves, when it is required, and how to complete one.
What is a DPIA?
A DPIA is a structured process for identifying, assessing, and mitigating the privacy risks of a data processing activity — completed before the processing begins.
It covers three things: describing what you do with personal data, assessing whether that processing is necessary and proportionate, and identifying risks to the rights of the people whose data you process. You then put measures in place to control those risks.
A DPIA is not optional paperwork. If your analysis concludes that residual risks remain high and cannot be adequately mitigated, Article 36 GDPR requires you to consult your supervisory authority before proceeding. The authority gives written advice, normally within eight weeks, and can use its enforcement powers, up to and including prohibiting the processing.
The data controller — your organisation — is responsible for the DPIA, even when you use an external AI tool. Outsourcing the processing to a vendor does not transfer that obligation.
When is a DPIA required?
A DPIA is required when processing is 'likely to result in a high risk to the rights and freedoms of natural persons' (Article 35(1) GDPR). The Article 29 Working Party guidelines on DPIAs (WP248 rev.01, endorsed by the European Data Protection Board) list nine criteria for judging that likelihood. Their rule of thumb: processing that meets two or more of the criteria will in most cases require a DPIA. National supervisory authorities also publish their own lists of operations that always require one (Article 35(4)), so check the list of the authority you fall under.
| Criterion | AI relevance | Examples |
|---|---|---|
| Evaluation or profiling | High | AI that analyses customer behaviour or scores employees on their output |
| Automated decision-making with legal effects | High | AI-driven hiring, credit decisions, automated access control |
| Systematic monitoring | Medium–high | AI tools that analyse email, chat, or work patterns |
| Special category data | High | Health data, biometrics, political opinions, ethnic origin |
| Large-scale processing | Context-dependent | Judged by the number of people affected, data volume, duration and geographic reach; a company-wide assistant or a public-facing chatbot usually qualifies, an internal pilot with a handful of users may not |
| Matching or combining datasets | Medium | AI that combines data from multiple sources for analysis |
| Vulnerable groups | Context-dependent | HR tools, healthcare applications, education AI |
| Innovative technology | High | Generative AI and ML models count as innovative use of technology whose risks are not yet well understood |
| Preventing people from exercising a right or using a service | Context-dependent | AI screening that decides whether someone can obtain a service or enter a contract |
Cross-border transfer outside the EU/EEA appeared as a criterion in the draft guidelines but was dropped from the final list. It still has to be addressed in the DPIA: most AI providers (Anthropic, OpenAI, Google) are US companies, and Chapter V GDPR requires a valid transfer mechanism for data that leaves the EU/EEA.
For a typical business AI application (an LLM answering customer emails, a dashboard analysing employee data, a chatbot on your website) at least two criteria apply almost by default. Innovative technology combined with either profiling, systematic monitoring or large-scale processing already meets the two-criteria rule of thumb. A DPIA is then an obligation, not a choice, and if you decide not to do one you should document why.
Processing special category data (health information, ethnicity, political views, sexual orientation, biometrics) on a large scale makes a DPIA mandatory in its own right under Article 35(3)(b), and even at smaller scale it weighs heavily towards one. This matters if employees or customers submit free-form text that may contain such data: a support ticket that mentions a customer's illness is health data whether or not you asked for it.
Why AI tools almost always trigger a DPIA
AI differs from conventional software in ways that directly affect privacy risk: its outputs are non-deterministic and hard to explain, and it processes data at a scale and in ways that are often opaque even to the organisation deploying it.
Three characteristics of AI that shape your DPIA:
- Implicit profiling. LLMs and ML models infer patterns from data even when that is not the stated intent. When an AI tool categorises people based on their behaviour, language, or choices, that is profiling as defined in Article 4(4) GDPR, whether you intended it or not.
- Third-party processing. Virtually all AI tools send data to a cloud provider. That provider acts as a processor when it handles the data only on your instructions, which is the normal arrangement for API and enterprise plans (consumer plans under which the provider may use inputs for its own purposes are a different situation and need their own analysis). You need a Data Processing Agreement under Article 28 and must know where data goes, including whether it leaves the EU and which sub-processors see it.
- Limited explainability. You typically cannot give a precise account of why an AI model produced a specific output. Where a decision is based solely on automated processing and has legal or similarly significant effects, Article 22 GDPR restricts the decision itself and gives the person the right to human intervention and to contest it, and Articles 13 to 15 require you to provide meaningful information about the logic involved. If you cannot provide that, it is a risk that belongs in your DPIA, and so is the mitigation (a human review step before the decision takes effect).
How to conduct a DPIA: five steps
A DPIA follows the same logic regardless of organisation size or tool complexity. The depth of the analysis scales with the risk level.
- Describe the processing. What data do you process, from whom, for what purpose, for how long, and who has access? Include processors: which external parties receive data? Be specific — 'we use AI tool X to classify support tickets for routing' is more useful than 'we use AI for support.'
- Assess necessity and proportionality. Is the processing necessary for the stated purpose? Can you achieve the same outcome with less data or a lower-risk approach? What legal basis applies — consent, legitimate interests, contract performance? Document your reasoning.
- Identify risks. What can go wrong for individuals? Consider: unauthorised access, data breaches, prompts or outputs retained in provider logs or used for training, discriminatory outputs, erroneous decisions based on AI output, loss of human oversight, reputational harm. Rate likelihood and impact for each risk on a three-point scale (low/medium/high) and record the reasoning behind each rating, not just the score.
- Define mitigating measures. Technical: encryption, access controls, zero-retention options, data minimisation. Organisational: training, oversight procedures, incident response. Legal: data processing agreements, standard contractual clauses for transfers outside the EU.
- Document, formalise, and review. Record everything in a DPIA report. If you have a Data Protection Officer, their advice must be sought (Article 35(2)). A DPIA is not a one-time exercise: review it when the processing or the system changes materially, for example when the provider changes its model, retention terms or sub-processors.
DPIA checklist template
Use this structure as the basis for your DPIA document. Work through each section for the specific AI tool you are deploying.
| DPIA section | Key questions |
|---|---|
| 1. Processing description | Which AI tool? What personal data? From whom? For what purpose? Retention period? |
| 2. Parties involved | Who is the data controller? Which processors? Data processing agreements in place? |
| 3. Necessity and proportionality | Is processing necessary? What legal basis? Less risky alternatives considered? |
| 4. Risk identification | Which risks to individuals? Likelihood (low/medium/high)? Impact (low/medium/high)? |
| 5. Mitigating measures | Technical controls? Organisational controls? Residual risk acceptable? |
| 6. Consultation and approval | DPO consulted? Supervisory authority consultation required? Management sign-off? |
| 7. Review schedule | When will the DPIA be reviewed? Who owns updates? |
Claude and DPIA: what you need to know
If you deploy Claude in a business context where personal data is processed, several specifics are relevant to your DPIA.
Anthropic as processor. When you use Claude via the API or Claude.ai for Work and personal data flows through prompts or outputs, Anthropic acts as a data processor. Anthropic provides a Data Processing Agreement. Article 28(3) requires a contract with every processor, so execute that DPA before personal data flows, and record the sub-processor list it references in your DPIA.
Data location. Anthropic is a US company, and without additional configuration you should assume processing takes place in the US; confirm the actual locations in the DPA and sub-processor documentation. Transfers outside the EU/EEA require a legal mechanism under Chapter V GDPR: standard contractual clauses, or the EU-US Data Privacy Framework where the provider is certified. Check which mechanism the DPA relies on and record it. Where the provider offers EU data residency as an option, verify its current scope in the product documentation and document it as a technical measure in your DPIA.
Data retention. Anthropic does not use commercial customers' prompts and outputs to train its models by default, and a zero data retention arrangement is available for eligible API use that further limits what is stored. Retention terms differ by plan and agreement, and zero-retention arrangements typically list exceptions, so confirm the exact terms that apply to yours in the DPA and record them in your risk mitigation section rather than relying on a general statement.
What goes in is your responsibility. If employees submit customer records, HR data, or other personal information in prompts, you are processing that data. An acceptable use policy governing what employees may input into AI tools is an organisational control your DPIA should reference; pair it with training and, where available, technical controls such as data-loss-prevention filtering on outbound prompts.
For a detailed guide on deploying Claude in an enterprise context, see our article on rolling out Claude Enterprise. For the broader EU compliance picture, our article on EU AI Act compliance for companies covers the intersection of the AI Act and GDPR obligations.
A DPIA is not red tape. It is the clearest way to understand what you are actually doing with personal data, what can go wrong, and what you are doing about it. Organisations that complete DPIAs thoughtfully are better positioned with regulators, with customers, and with employees who want confidence that their data is handled responsibly.