Name
Compliance as a driver of ethical business and customer value for companies
Date & Time
Wednesday, September 24, 2025, 4:30 PM - 5:30 PM
Track
Ethical and profitable business
Description

Presentations in this session:

  • Olga Nielsen, Nordic Data Compliance Centre
  • Louise Helliksen, EYD
  • Victoria Derumier, Entity Director, MyData-Trust

This presentation will explore how traditional Data Protection Impact Assessments (DPIAs) must evolve to remain effective and meaningful in the context of AI systems, particularly those used in healthcare, research, and citizen-facing services.

Drawing from regulatory guidance (including GDPR, the AI Act, and recent EDPB guidelines), real-world case studies, and field experience supporting international companies and research actors, I will outline practical methods to identify and mitigate AI-specific risks—such as bias, opacity, and autonomy of systems—while ensuring transparency, accountability, and lawful data use.

The talk will address:

  • Key challenges of applying DPIA methodology to AI projects
  • How to assess risk when systems are adaptive or operate without full explainability
  • A proposed structure for “AI-aware” DPIAs
  • The intersection of AI risk assessment and data subject rights

The MyData audience will benefit from actionable insights to:

  • Improve their AI risk management frameworks
  • Better engage with vendors and internal teams when deploying AI tools
  • Ensure compliance with evolving EU legal frameworks
  • Promote trust in data-driven innovation

The session aims to bridge legal, ethical, and operational perspectives, making DPIAs a tool for empowerment, not just compliance.

 

Victoria Derumier Olga Nielsen
Speakers
Victoria Derumier, MyData-Trust
Olga Nielsen, Nordic Data Compliance Centre
Location Name
Metso
Session Type
Breakout session