Privacy Impact Assessment (PIA)
What is a Privacy Impact Assessment (PIA)?
A Privacy Impact Assessment (PIA) is a process used to evaluate and manage privacy impacts, and to ensure compliance with privacy protection rules and responsibilities.
A Privacy Impact Assessment (PIA) must be conducted under the following circumstances:
Development or procurement of new technologies or systems that collect, use, or manage personal information.
Initiation of pilot programs involving personal data. A PIA is required prior to the commencement of any pilot to ensure privacy considerations are integrated from the outset.
Modification of existing systems that affect the handling of personal information. A PIA may be required depending on the nature and scope of the changes.
Implementation of new electronic methods for collecting personally identifiable information.
Introduction or revision of regulations or policies that impact the collection, use, disclosure, or retention of personal information.
Privacy Impact Assessment Template
Privacy Impact Assessment (PIA) Process
Prior to completing a PIA, please consult with your Dean/Chair or direct supervisor first. Selkirk College may already have an existing solution in place to meet your needs.
Complete the attached PIA (Business Owner). We recommend contacting the vendor to complete any technical / internal process portions of the PIA.
Submit to privacy@selkirk.ca for review.
Note: A completed and approved PIA is only the start of the process of adopting new processes and technologies. Further discussions around resourcing, timelines and scope of work should be initiated with stakeholders including IT Services separately to the PIA.
IT Services is not responsible for integration work on completion of PIAs.
Related Articles