The E-Government Act of 2002, Section 208, requires all agencies to assess the impact on privacy for systems that collect personally identifiable information (PII). Let our certified information privacy professionals (CIPP) help alleviate any compliance concerns.
Privacy Threshold Analysis (PTA)
PTA identifies whether a system, application or program collects or maintains PII or otherwise impacts privacy. A completed PTA shall dictate whether conducting a PIA or System of Records Notice (SORN) is required.
A PTA should be completed as early as possible during the design and development of, or any significant modification to, a project in which the organization knows it
will, or is unsure whether it will, create, collect, use, process, store, maintain, disseminate, disclose, or dispose of personally identifiable information.
Privacy Impact Assessments (PIA)
As a general matter, Federal agencies are required to conduct privacy impact assessments, absent an applicable exception, when they develop, procure, or use IT to create, collect, use, process, store, maintain, disseminate, disclose, or dispose of PII.
A PIA can help an organization to gain the public’s trust and confidence that privacy has been built into the design of a project, technology, or service. Trust is built on transparency, and a PIA is a disciplined process that promotes open communications, common understanding, and transparency.