Privacy Impact Assessments
What is a Privacy Impact Assessment?
Privacy Impact Assessments (PIAs) are required by Section 208 of the E-Government Act for all Federal government agencies. A PIA is an analysis of how information is collected, maintained, stored, and disseminated. In addition, its purpose is to ensure compliance with applicable legal, regulatory, and policy requirements for privacy; determine and examine the privacy risks and effects; and evaluate the protections and processes for handling information to mitigate those privacy risks. The PIA uses the Fair Information Practice Principles (FIPPs) to assess and mitigate any impact on an individual’s privacy.
PIAs must be made publicly available, unless the publication would raise security concerns, reveal classified information (i.e., national security), or reveal sensitive information (e.g., potentially damaging to a national interest, law enforcement effort, or competitive business interest).
A PIA will notify the public on:
- What Personally Identifiable Information (PII) is being collected;
- Why the PII is being collected; and
- How the PII will be collected, used, accessed, shared, safeguarded and stored.
A PIA must be conducted before:
- Developing or procuring any new technologies or systems that handle or collect PII;
- Creating a new program, system, technology, or information collection that may have privacy implications;
- Updating a system that results in new privacy risks;
- Issuing a new or updated rulemaking that involves the collection of PII.
Pursuant to OMB Memorandum M-03-22, PIAs must be conducted and updated, annually, to reflect changed information collection authorities, business processes, or other factors affecting the collection and handling of information in identifiable form, in addition to where a system change creates new privacy risks, such as:
- Conversions - when converting paper-based records to electronic systems;
- Anonymous to Non-Anonymous - when functions applied to an existing information collection change anonymous information into information in identifiable form;
- Significant System Management Changes - when new uses of an existing IT system, including application of new technologies, significantly change how information in identifiable form is managed in the system;
- Significant Merging - when agencies adopt or alter business processes so that government databases holding information in identifiable form are merged, centralized, matched with other databases or otherwise significantly manipulated;
- New Public Access - when user-authenticating technology (e.g., password, digital certificate, biometric) is newly applied to an electronic information system accessed by members of the public;
- Commercial Sources - when agencies systematically incorporate into existing information systems databases of information in identifiable form purchased or obtained from commercial or public sources. (Merely querying such a source on an ad hoc basis using existing technology does not trigger the PIA requirement);
- New Interagency Uses - when agencies work together on shared functions involving significant new uses or exchanges of information in identifiable form, such as the cross-cutting E-Government initiatives; in such cases, the lead agency should prepare the PIA;
- Internal Flow or Collection - when alteration of a business process results in significant new uses or disclosures of information or incorporation into the system of additional items of information in identifiable form; or
- Alteration in Character of Data - when new information in identifiable form added to a collection raises the risks to personal privacy (for example, the addition of health or financial information).
Approved APHIS PIAs can be found below: