dpia-mitigation-plan

Installation
SKILL.md

DPIA Mitigation Planning

Overview

Article 35(7)(d) GDPR requires a DPIA to include "the measures envisaged to address the risks, including safeguards, security measures and mechanisms to ensure the protection of personal data and to demonstrate compliance with this Regulation." This skill provides a structured mitigation planning framework.

Mitigation Strategy Categories

Technical Measures

Category Examples GDPR Reference
Encryption At-rest, in-transit, end-to-end Art. 32(1)(a)
Pseudonymisation Tokenisation, hashing, key-coded Art. 25(1), Art. 32(1)(a)
Access controls RBAC, MFA, privileged access management Art. 32(1)(b)
Data minimisation Field-level reduction, aggregation, sampling Art. 5(1)(c), Art. 25(1)
Anonymisation k-anonymity, differential privacy, generalisation Recital 26
Monitoring SIEM, DLP, anomaly detection Art. 32(1)(d)
Installs
9
GitHub Stars
187
First Seen
Jun 9, 2026
dpia-mitigation-plan — mukul975/privacy-data-protection-skills