|
Privacy Impact Assessment (PIA)
A PIA process is critical to enable a public body to properly assess, before any decision to proceed is made, whether a proposed program, policy or legislation has any privacy impact or complies with
the Freedom of Information and Protection of Privacy Act (FIPPA).
A public body should perform a PIA, in consultation with its privacy experts, at the earliest possible stage for each proposed program, policy or piece of legislation. The PIA should be performed early in order to guide the decision on whether to proceed
at all in light of any adverse privacy impact or concerns about compliance with FIPPA. The completed PIA should, in cases where the public body decides any privacy impact can be mitigated if it proceeds, be used to design the program, policy or legislation in a way that mitigates any privacy impact as far as possible.
The following link takes you to a PIA tool published by the
IM/IT Privacy and Legislation Branch
of the Ministry of Labour and Citizens' Services. (The OIPC commented on the PIA
tool).
|
