Question to the Department for Science, Innovation & Technology:

To ask the Secretary of State for Science, Innovation and Technology, whether he plans to bring forward legislative proposals to require businesses to carry out data protection impact assessments.

Article 35 of the UK GDPR already requires organisations to carry out a data protection impact assessment if the type of processing they are doing is likely to result in a high risk to the rights and freedoms of individuals.