Privacy Impact Assessments (PIA)

Overview

Section 208 of the E-Government Act of 2002 helps to ensure that agencies put in place sufficient protections for the privacy of personal information in implementing a citizen-centered electronic government. It requires agencies to conduct Privacy Impact Assessments (PIAs) for information technology (IT) systems or projects that collect, maintain or disseminate information in identifiable form from or about members of the public or when initiating a new electronic collection of information in identifiable form for 10 or more persons (excluding agencies, instrumentalities, or employees of the federal government).

Among other things, the PIA process requires agencies to review what information is collected, why the information is collected, how the information will be used by the agency, with whom the information will be shared, and how the information is handled and secured when using IT to collect new information or when developing or buying new IT systems to handle collections of personally identifiable information. PIAs conducted for " major information systems," as defined in OMB Circular A-130 (Section 6.u.) and OMB Circular A-11 (section 300-4 (2003)), reflect more extensive analysis of the consequences of collection and flow of information, the alternatives to the collection and handling as designed, the appropriate measures to reduce risks identified for each alternative, and the rationale for the final design choice or business process.

In general, agencies are required to make PIAs publicly available through publication in the Federal Register or through posting on agency websites.

Objectives

The objectives of a PIA include:

  • Provide a tool to make informed policy and system design or procurement decisions based on an understanding of privacy risks and options available for mitigating these risks.
  • Ensure that system and program managers are accountable for the proper handling of privacy issues.
  • Establish a consistent format and structured process for analyzing both technical and legal compliance with applicable privacy laws and regulations, as well as accepted privacy policy.
  • Provide basic documentation on the flow of personal information within systems for use and review by policy, program, and management staff; systems analysts; and security specialists.
  • Provide the public with assurances that their personal information is protected.

Privacy Impact Assessments

The following are official Privacy Impact Assessments (PIAs) of significant initiatives at the U.S. Department of Education (listed by Principal Office).

Federal Student Aid (FSA)
Institute of Education Sciences (IES)
Office of the Chief Financial Officer (OCFO)
Office of the Chief Information Officer (OCIO)
Office of Communications and Outreach (OCO)
Office for Civil Rights (OCR)
Office of Elementary and Secondary Education (OESE)
Office of the General Counsel (OGC)
Office of Inspector General (OIG)
Office of Innovation and Improvement (OII)
Office of Management (OM)
Office of Postsecondary Education (OPE)
Office of Planning, Evaluation and Policy Development (OPEPD)
Office of the Secretary (OS)
Office of Special Educational and Rehabilitative Services (OSERS)
Office of Vocational and Adult Education (OVAE)

Federal Student Aid (FSA)

Back to Top

Institute of Education Sciences (IES)

Back to Top

Office of the Chief Financial Officer (OCFO)

Back to Top

Office of the Chief Information Officer (OCIO)

Back to Top

Office of Communications and Outreach (OCO)

Back to Top

Office for Civil Rights (OCR)

Back to Top

Office of Elementary and Secondary Education (OESE)

Back to Top

Office of the General Counsel (OGC)

Back to Top

Office of Inspector General (OIG)

Back to Top

Office of Innovation and Improvement (OII)

Back to Top

Office of Management (OM)

Back to Top

Office of Postsecondary Education (OPE)

Back to Top

Office of Planning, Evaluation and Policy Development (OPEPD)

Back to Top

Office of the Secretary (OS)

Back to Top

Office of Special Educational and Rehabilitative Services (OSERS)

Back to Top

Office of Vocational and Adult Education (OVAE)


 
Print this page Printable view Bookmark  and Share
Last Modified: 07/30/2014