Effective Immediately (October 2017): A new PIA Checklist has been developed to increase the efficiency and effectiveness of the PIA process. Please ensure you delete saved copies of the previous checklist version from your system and submit the August 2017 issued PIA Checklist to the Access and Privacy Office for all future projects/initiatives.
If you have any questions regarding the new checklist, please contact our office at firstname.lastname@example.org.
What is a Privacy Impact Assessment?
A Privacy Impact Assessment (PIA) is a process that helps an organization to determine whether new technologies, information systems, initiatives and program changes are compliant with privacy legislation and meet basic privacy requirements.
The goal of a PIA is to effectively identify and mitigate privacy risks. A PIA is intended to contribute to senior management’s ability to make fully informed policy, system design and procurement decisions.
Click on the bolded questions below to view the answers.
Conducting a PIA will benefit when:
1. Designing a new program or service that involves the collection, use and disclosure of personal information or personal health information;
2. Making significant changes to a program or service such as converting from a conventional service delivery mode to electronic service delivery mode that involves the collection, use and disclosure of personal information or personal health information;
3. Changing the way you collect, use or disclosure personal information or personal health information;
4. Anticipating that the public may have privacy concerns regarding a new or modified program or service;
5. Introducing changes to the business systems or infrastructure architecture that affect the physical or logical separation of personal information or personal health information, or the security mechanisms used to manage and to control access to personal information or personal health information.
A PIA helps to:
1. Ensure that privacy is built in at the outset of any new program or service;
2. Assure the public that their privacy is safeguarded;
3. Reduce the risk of non-compliance;
4. Avoid costly redesigns of programs and services;
5. Assist senior management in making fully informed decisions;
6. Promote an awareness and understanding of privacy issues.
Fill in the August 2017 issued PIA Checklist and submit it to the Access and Privacy Office. Someone from the Access and Privacy Office will be in touch with you to guide you through the PIA process.
Last Updated: October 26, 2017
The PIA Checklist is available in alternate formats, upon request. Please contact us at email@example.com, or 204-474-7559.