Privacy Impact Assessments

The University is committed to a proactive approach to privacy by anticipating and preventing invasive events before they occur. As part of our proactive privacy approach, the University embeds privacy considerations into the design and architecture of information technology systems and business processes. Privacy impacts arising from an initiative may be negative (privacy-invasive) and/or positive (privacy-enhancing). A Privacy Impact Assessment (PIA) will assist in identifying ways in which any negative impacts can be mitigated.

Why we undertake Privacy Impact Assessments

A Privacy Impact Assessment (PIA) is a risk assessment tool designed to assist in identifying privacy-invasive impacts, and in identifying and evaluating solutions to mitigate privacy risks.

We undertake PIAs as part of a sound risk management strategy, to assess whether it is safe to proceed to the implementation phase of a new project. We also undertake PIAs if changes are made to the way we collect, use, store or dispose of personal information.