What is a Privacy Impact Assessment (PIA)?
A Privacy Impact Assessment (PIA) is a process used to evaluate and manage privacy impacts, and to ensure compliance with privacy protection rules and responsibilities.
A PIA should be completed when any of the following activities occur:
- Developing, or procuring any new technologies or systems that handle or collect personal information.
- A PIA is required for all submissions. The PIA should show that privacy was considered from the beginning stage of system development. If a program is beginning with a pilot, a PIA is required prior to the commencement of the pilot test.
- Developing system revisions. If an existing system is modified, a PIA may be required.
- Initiating a new electronic collection of information in identifiable form.
- Issuing a new or updated rule-making that affects personal information.
Privacy Impact Assessment (PIA) Process
The following diagram outlines Selkirk College's process for Privacy Impact Assessments.