Privacy Impact Assessment (PIA)
Demonstrable personal data and privacy security
Privacy security as part of the corporate culture
Effective implementation of a risk management process
Continuous improvement of your security level
What is Privacy Impact Assessment (PIA)?
Usually, PIA would be initiated at the beginning of the project. It comprises a set of screening processes, including the description of privacy information flows in a project, the analysis of the possible impacts on individual’s or privacy; continuously with the identification and recommendation options for avoiding, minimizing, or mitigating negative privacy impacts, to achieve the goal of minimizing the potential negative impacts and enhancing the positive privacy effects.
The management of the companies and organizations can build up the privacy considerations into the design of a project. This is a cost-effective way of reducing privacy risks.
Who is PIA suitable for?
What are the benefits of PIA?
Functions of PIA Reporting
When is a PIA required?
Contents of PIA Report
How does PIA work?
First, we want to learn about your company, the purpose and rationale behind the project.
Once the goals of the verification and the structure of PIA are defined, the six data protection principles ("DDPs") are adopted for data processing cycle analysis:
DPP1. the purpose for which and the circumstances under which the personal data is collected
DPP2. the policy regarding the retention of the personal data and the maintenance of its accuracy
DPP3. the processing (including transfer and sharing) of the personal data
DDP4. the security safeguards to prevent unauthorized or accidental access, processing, erasure, loss or use of the data
DDP5. the privacy policy and practices to be devised
DDP6. the procedures for complying with data access and correction requests
Privacy risks analysis will be applied to identify the key areas of privacy concerns.
This is the phase that will allow to develop a corrective action to avoid or mitigate privacy risks.
A detailed PIA report will be submitted including the findings.