Privacy Impact Assessment
What is a Privacy Impact Assessment?
Privacy Impact Assessments (PIA) analyze how a unit collects, uses, shares, and maintains identifiable information on behalf of Penn State.
A PIA will help your unit:
- Conform with applicable legal, regulatory, and policy requirements for privacy
- Determine the risks and effects of collecting, using, sharing and maintaining identifiable information
- Evaluate protections and alternative processes to mitigate potential privacy risks
When do I need a Privacy Impact Assessment?
A Privacy Impact Assessment is required when a unit:
- Initiates a new project that collects or generates identifiable information or may otherwise have privacy implications
- Develops or procures any new technologies or systems that collect, maintain, or disseminate identifiable information