
Smart Technologies for COVID-19 Contact Tracing and Personal Data Protection: An Unfamiliar but Critical Data Protection Impact Assessment Process

Abstract


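As a technological tool against COVID-19, the social distancing App succeeds only if more than half of the population downloads and uses it; earning people's trust in the App's personal data protection practices, so that they choose to download and use it, is therefore a task the data controller cannot avoid. This article argues that the Data Protection Impact Assessment (DPIA) process under Article 35 of the EU General Data Protection Regulation (GDPR) is a sound way for the App to build trust in its personal data protection. Beyond confirming that the data controller has met its compliance obligations, providing a way to check whether subsequent data collection and use proceed as planned, and giving the supervisory authority a basis for oversight, the DPIA process also builds up the data controller's capacity to improve personal data protection, ultimately strengthening protection of data subjects' rights and freedoms. Although Taiwan's current Personal Data Protection Act contains no express provision on DPIA, the Taiwanese government should take this opportunity to introduce it and set an example in which innovative technology development and personal data protection both win. Even in the EU, DPIA remains an unfamiliar data protection process, let alone in Taiwan. The author hopes that the discussion in this article will familiarize readers in Taiwan with the role the DPIA process plays in personal data protection, and that it can serve as a reference for introducing this process when the Personal Data Protection Act is amended in the future.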

Parallel Abstract


A Taiwanese government agency charged with technology development has announced that it has successfully developed a new mobile software application, named the "social distance app", as a tool to prevent COVID-19 infection. For the App to be fully functional, at least 60% of persons living in Taiwan must download and use it. Given the large share of the population required to use the App and the privacy concerns arising out of the contact tracing function, providing users with a sufficient level of comfort to ease their data protection concerns about using the App is an unavoidable task. This article identifies a feasible approach: the Data Protection Impact Assessment (DPIA), a process for the developer to identify and mitigate data protection risks before launching the App. The DPIA process provides the data protection officer with a mechanism for ensuring that the agreed actions are delivered within agreed timescales. Although Taiwan's data protection law has not made it mandatory for a DPIA to be put in place before the App is launched, it is advisable that the App developer take the initiative to implement a DPIA, setting a model in which users can enjoy the benefits of technological innovation while their rights and freedoms are well protected. In the EU, DPIA has been introduced into the General Data Protection Regulation (GDPR), but it is still a new and unfamiliar process to most people, not to mention that DPIA has not been included in Taiwan's personal data protection laws. This article provides insights into the role of DPIA and examines why DPIA can serve as an effective tool for enhancing users' trust in using the App; furthermore, the article provides suggestions for introducing a DPIA mechanism into Taiwan's personal data protection laws, for legislators to consider in a regulatory reform in the near future.
