Data Protection Impact Assessment
Template provided by
AIAgens
aiagens.ch

Pursuant to nFADP Art. 22 / GDPR Art. 35

Version: 1.0
Created: 2026-04-06
Owner: [Name]
Status: Draft

1 Project Description

Project Title

Title
Deployment of AI Voice Assistant for Appointment Scheduling

Data Controller

Organization
[Your Organization]

Processing Description

Pre-filled
AIAgens AI voice assistant handles incoming phone calls for appointment booking, modification, and cancellation. The system uses real-time speech-to-text conversion, processes natural language for scheduling, and integrates with the practice's calendar system.

Purpose of Processing

  • Automated appointment booking outside business hours
  • Reduction of caller wait times
  • Efficient resource utilization

2 Data Flows

Data Flow Diagram

Patient Calls → Voice (Real-time) → AI Processing → Appointment Data → Calendar

Data Categories Processed

Category | Data Elements | Retention | Location
Voice Data | Audio stream | None (real-time) | EU
Triage Data (Transcripts) | Transcript (no audio) | Zero retention (real-time processing); long-term: controller | EU (Germany)
Contact Data | Name, phone | Per contract | EU (Germany)
Appointment Data | Date, time, type | Per contract | Your calendar

3 Necessity Assessment

Legal Basis

  • Consent (Art. 6(1)(a) GDPR / Art. 31 nFADP)
  • Contract performance (Art. 6(1)(b) GDPR)
  • Legitimate interest (Art. 6(1)(f) GDPR)

Proportionality

Assessment
Processing is limited to the minimum necessary for the purpose. Voice data is not retained; only extracted appointment details are stored. The data minimization approach ensures proportionality.

4 Risk Assessment

Risk | Likelihood | Impact | Level | Mitigation
Unauthorized access | Low | Medium | Low | TLS 1.3, MFA, audit logs
AI misinterpretation | Medium | Low | Low | Confirmation protocols, human escalation
Data loss | Low | Medium | Low | Daily backups, geo-redundancy
Third-party breach | Low | High | Medium | DPA, SOC 2 certification

5 Mitigation Measures

Measure | Implemented | Responsible
TLS 1.3 encryption | ✓ Yes | AIAgens
AES-256 encryption (at rest) | ✓ Yes | AIAgens
AI self-identification | ✓ Yes | AIAgens
Human escalation option | ✓ Yes | AIAgens
Patient consent | Pending | [Your org.]
Staff training | Pending | [Your org.]

6 Sign-off

Overall Risk Assessment

Conclusion
Residual risk is assessed as LOW. Technical and organizational measures implemented adequately mitigate identified risks. Processing may proceed with documented safeguards in place.

Project Owner

Signature
Name:
Date:

DPO / Advisor
(if applicable)

Signature
Name:
Date: