{"id":1536,"date":"2014-09-15T19:36:17","date_gmt":"2014-09-15T16:36:17","guid":{"rendered":"http:\/\/saisa.eu\/blogs\/Guidance\/?p=1536"},"modified":"2014-09-15T19:43:24","modified_gmt":"2014-09-15T16:43:24","slug":"privacy-impact-assessment","status":"publish","type":"post","link":"https:\/\/saisa.eu\/blogs\/Guidance\/?p=1536","title":{"rendered":"Privacy Impact Assessment"},"content":{"rendered":"<p>For good information sources on Privacy Impact Assessment (PIA), see ico.org.uk\u2019s <a href=\"http:\/\/ico.org.uk\/for_organisations\/data_protection\/topic_guides\/privacy_impact_assessment\">PIA page<\/a> and the guide <a href=\"http:\/\/ico.org.uk\/for_organisations\/data_protection\/topic_guides\/~\/media\/documents\/library\/Data_Protection\/Practical_application\/pia-code-of-practice-final-draft.pdf\">Conducting privacy impact assessments code of practice<\/a>.<\/p>\n<p><strong>Steps<\/strong><\/p>\n<ol>\n<li>Identify the need for a PIA<\/li>\n<li>Describe the information flows<\/li>\n<li>Identify the privacy and related risks<\/li>\n<li>Identify and evaluate the privacy solutions<\/li>\n<li>Sign off and record the PIA outcomes<\/li>\n<li>Integrate the outcomes into the project plan<\/li>\n<li>Consult with internal and external stakeholders as needed throughout the process<\/li>\n<\/ol>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/09\/pia0a.png\"><img loading=\"lazy\" alt=\"PIA0a\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/09\/pia0a-small.png\" width=\"550\" height=\"206\" \/><\/a><\/p>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/09\/pia0b.png\"><img loading=\"lazy\" alt=\"PIA0b\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/09\/pia0b-small.png\" width=\"550\" height=\"265\" \/><\/a><\/p>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/09\/pia0c.png\"><img loading=\"lazy\" alt=\"PIA0c\" 
src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/09\/pia0c-small.png\" width=\"550\" height=\"285\" \/><\/a><\/p>\n<p><strong>Other PIA-related links<\/strong><\/p>\n<ul>\n<li><a href=\"http:\/\/www.cnil.fr\/fileadmin\/documents\/en\/CNIL-ManagingPrivacyRisks-Methodology.pdf\">Methodology for Privacy Risk Management<\/a>, by CNIL\n<ul>\n<li>Using the EBIOS methodology<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"http:\/\/www.dhs.gov\/privacy-office-privacy-impact-assessments-pia\">PIA<\/a>, by DHS\n<ul>\n<li><a href=\"http:\/\/www.dhs.gov\/xlibrary\/assets\/privacy\/privacy_pia_guidance_june2010.pdf\">Guide<\/a><\/li>\n<li>PIA <a href=\"http:\/\/www.cio.gov.bc.ca\/local\/cio\/priv_leg\/documents\/foippa\/2014%20PIA%20documents\/PIA_Guidelines.pdf\">Guidelines<\/a> (British Columbia)<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/www.priv.gc.ca\/resource\/fs-fi\/02_05_d_33_e.asp\">PIA Fact Sheet<\/a><\/li>\n<li><a href=\"http:\/\/www.tbs-sct.gc.ca\/pol\/doc-eng.aspx?id=18308&amp;section=text\">Directive on Privacy Impact Assessment<\/a> (Canada)<\/li>\n<li><a href=\"http:\/\/www.usaid.gov\/sites\/default\/files\/documents\/1868\/508mac.pdf\">USAID Privacy Impact Assessment Template<\/a><\/li>\n<li><a href=\"http:\/\/www.ftc.gov\/site-information\/privacy-policy\/privacy-impact-assessments\">Assessments<\/a> at FTC\n<ul>\n<li>Twitter, Google, LinkedIn, Skype, Facebook, YouTube etc.<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"http:\/\/docs.oasis-open.org\/pmrm\/PMRM\/v1.0\/csd01\/PMRM-v1.0-csd01.pdf\">Privacy Management Reference Model and Methodology<\/a> (PMRM), by OASIS<\/li>\n<li><a href=\"https:\/\/www.bsi.bund.de\/SharedDocs\/Downloads\/DE\/BSI\/ElekAusweise\/PIA\/Privacy_Impact_Assessment_Guideline_Langfassung.pdf?__blob=publicationFile\">Privacy Impact Assessment Guideline for RFID Applications<\/a>, by BSI\n<ul>\n<li><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/09\/pia1.png\"><img loading=\"lazy\" alt=\"PIA1\" 
src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/09\/pia1-small.png\" width=\"300\" height=\"196\" \/><\/a><\/li>\n<li>Retail scenario<\/li>\n<li>Public Transport Scenario<\/li>\n<li>Automotive Scenario<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"http:\/\/hiqa.ie\/system\/files\/Intl-Review-Privacy-Impact-Assessment.pdf\">International Review of Privacy Impact Assessments<\/a><\/li>\n<li><a href=\"http:\/\/www.piafproject.eu\/About%20PIAF.html\">PIAF<\/a> (A Privacy Impact Assessment Framework for data protection and privacy rights) is a European Commission co-funded project that aims to encourage the EU and its Member States to adopt a progressive privacy impact assessment policy as a means of addressing needs and challenges related to privacy and to the processing of personal data.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>For good information sources on Privacy Impact Assessment (PIA), see ico.org.uk\u2019s PIA page and the guide Conducting privacy impact assessments code of practice. 
Steps Identify the need for a PIA Describe the information flows Identify the privacy &hellip; <a href=\"https:\/\/saisa.eu\/blogs\/Guidance\/?p=1536\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[79,3,32,44],"tags":[],"_links":{"self":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/1536"}],"collection":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1536"}],"version-history":[{"count":1,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/1536\/revisions"}],"predecessor-version":[{"id":1537,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/1536\/revisions\/1537"}],"wp:attachment":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1536"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1536"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1536"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}