Privacy Impact Assessments

Pursuant to the E-Government Act of 2002, federal agencies are required to conduct Privacy Impact Assessments (PIA) for electronic information systems and collections and, in general, make them publicly available “through the website of the agency, publication in the Federal Register, or other means.” The PIA is an analysis of how information is handled “(a) to ensure handling conforms to applicable legal, regulatory, and policy requirements regarding privacy, (b) to determine the risks and effects of collecting, maintaining and disseminating information in identifiable form in an electronic information system, and (c) to examine and evaluate protections and alternative processes for handling information to mitigate potential privacy risks.”