[Updated 19 September 2018]
To date, the following positive and negative lists on data protection impact assessments (DSFA) (both concretize the obligation to provide a DSFA based on Art. 35 Para. 4 (positive lists, black list; probably mandatory for authorities) and Para. 5 (negative list, white list; probably voluntary for authorities)):
Authority | Date | Type | Link |
Belgium | 28.2.2018 | black/white | https://goo.gl/bSa1Mr |
Germany / Baden-Wuerttemberg | 25.5.2018 | black | https://goo.gl/UjjECY |
Germany / Saarland | 25.5.2018 | black | https://goo.gl/pCDqfz (same as Baden-Württemberg, but with two additional cases) |
Germany / Schleswig-Holstein | 25.5.2018 | black | https://goo.gl/81Yoa9 (same as Baden-Württemberg, but with one additional case; not identical to the additional cases in Saarland). |
Germany / Rhineland-Palatinate | 25.5.2018 | black – for public use only | https://goo.gl/wSWJsZ |
Germany (Data Protection Conference, DSK) | 25.7.2018 | black | https://goo.gl/nN3eCt |
Austria | 25.5.2018 | white | https://bit.ly/2l50aqU |
Poland | undated | black | Polish: https://giodo.gov.pl/pl/file/13366
English translation by Kobylańska & Lewoszewski: https://goo.gl/36bnBM |