Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

I only intend to put RFID tags on my products, not in personal employee devices. Do I still need to conduct a privacy and data protection impact assessment?

April 26, 2017conduct Data protection Devices employee intend privacy products RFID Tags

0

Posted

I only intend to put RFID tags on my products, not in personal employee devices. Do I still need to conduct a privacy and data protection impact assessment?

1 Answer

0

Posted

Yes. RFID applications can become very complex and have consequences, notably for privacy, that were not initially intended. However, the level of detail of your assessment should be proportionate to the risks associated. Privacy and data protection impact assessments can be short if the risk is quickly determined to be insignificant. I am a service company which uses or manages RFID applications for my clients…