To ask the Secretary of State for the Home Department, whether his Department undertook a Data protection impact assessment (a) or (b) after the introduction of the Aspen card in asylum support arrangements.

The introduction of Aspen (2016) pre-dates the requirement for a data pro-tection impact assessment (DPIA), which was introduced as part of the General Data Protection Regulation (GDPR). Appropriate legal advice was nevertheless obtained prior to the scheme being launched. In line with good practice, a review of current practice is being conducted to ensure that it is compliant with the GDPR, which will include the completion of a DPIA.