#GDPR and #ePrivacy are hot topics in the UK and Europe but moving forward we suspect most businesses will need to Privacy Impact Assessments ( #PIA ) whenever a new policy or procedure is introduced or a new project or assignment is under taken. A proportionate response that does not involve unnecessary form filling, box ticking, and endless consultation is going to be essential if the related burden is to be minimised Those completing PIA will need to consider both physical and informational privacy Informational privacy – the ability of a person to control, edit, manage and delete information about themselves and to decide how and to what extent such information is communicated to others. Intrusion can come in the form of collection of excessive personal information, disclosure of personal information without consent and misuse of such information. It can include the collection of information through the surveillance or monitoring of how people act in pub