Help Desk: (814)865-HELP

Privacy Impact Assessment

What is a Privacy Impact Assessment?

Privacy Impact Assessments (PIA) analyze how a unit collects, uses, shares, and maintains identifiable information on behalf of Penn State.

A PIA will help your unit:

  1. Conform with applicable legal, regulatory, and policy requirements for privacy
  2. Determine the risks and effects of collecting, using, sharing and maintaining identifiable information
  3. Evaluate protections and alternative processes to mitigate potential privacy risks

When do I need a Privacy Impact Assessment?

The University Privacy Office conducts a Privacy Impact Assessment when a unit:

  1. Initiates a new project or creates a new program, system or technology that may have privacy implications
  2. Develops or procures any new technologies that or systems that collect, maintain, or disseminate identifiable information

What should I do if I'm not sure I need a Privacy Impact Assessment?

Please let our decision tool guide you through the process. It’s a quick, six-question tool designed to help you decide whether a PIA is necessary.

Okay, I need a Privacy Impact Assessment. Now what?

Download and complete the Privacy Impact Assessment form. Then, please email the completed form to

Penn State’s Privacy Principles