What is a Privacy Impact Assessment
 

A privacy impact assessment (PIA) is a risk management tool for assessing how activities with personal information affect the privacy of individuals by identifying privacy and security risks or impacts and how to address them. PIAs demonstrate good privacy practices, identify areas for mitigation and improvement, and support trust in institutional activities with personal information.

 

When is a PIA required
 

A PIA must be completed before collecting personal information or making significant changes to existing programs, systems, or activities that involve personal information. This includes new activities, programs, services, or technologies, as well as modifications to existing processes that alter how personal information is handled. 

 

What is Personal Information
 

Personal information is information about identifiable individuals, such as students, community members, and event participants. Personal information includes all information about an identifiable individual, such as race, national or ethnic origin, colour, religion, age, sex, sexual orientation, identifying numbers, contact details, academic records, and financial information. 

Frequently Asked Questions (FAQs)