For good information sources on Privacy Impact Assessment (PIA), see ico.org.uk’s PIA page and its guide, Conducting privacy impact assessments code of practice.
Steps
- Identify the need for a PIA
- Describe the information flows
- Identify the privacy and related risks
- Identify and evaluate the privacy solutions
- Sign off and record the PIA outcomes
- Integrate the outcomes into the project plan
- Consult with internal and external stakeholders as needed throughout the process
Other PIA-related links
- Methodology for Privacy Risk Management, by CNIL
- Using Ebios methodology
- PIA, by DHS
- Guide
- PIA Guidelines (British Columbia)
- PIA Fact Sheet
- Directive on Privacy Impact Assessment (Canada)
- USAID Privacy Impact Assessment Template
- Assessments at FTC
- Twitter, Google, LinkedIn, Skype, Facebook, Youtube etc.
- Privacy Management Reference Model and Methodology (PMRM), by OASIS
- Privacy Impact Assessment Guideline for RFID Applications, by BSI
- International Review of Privacy Impact Assessments
- PIAF (A Privacy Impact Assessment Framework for data protection and privacy rights) is a European Commission co-funded project that aims to encourage the EU and its Member States to adopt a progressive privacy impact assessment policy as a means of addressing needs and challenges related to privacy and to the processing of personal data.