Privacy Impact Assessments

Privacy Impact Assessments (PIAs) are the first step in a Privacy by Design (PbD) approach to development.

A PIA is the process by which questions about data collection, processing, sharing, storage, and access are asked before the work has begun.

PIAs can also be applied retrospectively to existing projects, and used as a roadmap for fixes and enhancements.

For data-intensive projects, a PIA document can be requisitioned by a European data protection regulator.

A PIA is a living document which should be revisited and refreshed as necessary.

While not all questions will be applicable to all projects, this list approximates a healthy standard:

Data collection and retention

  1. What personal data is processed?
  2. How is that data collected and retained?
  3. Is the data stored locally, on our servers, or both?
  4. For how long is data stored, and when is the data deleted?
  5. Are the purposes of the data collection and processing specified, explicit, and legitimate?
  6. What is the process for granting consent for the data processing, and is consent explicit and verifiable?
  7. What is the basis of the consent for the data processing?
  8. If not based on consent, what is the legal basis for the data processing?
  9. Is the data minimized to what is explicitly required?
  10. Is the data accurate and kept up to date?
  11. How are users informed about the data processing?
  12. What controls do users have over the data collection and retention?

Technical and security measures

  1. Is the data encrypted?
  2. Is the data anonymized or pseudonymized?
  3. Is the data backed up?
  4. What are the technical and security measures at the host location?

Personnel

  1. Who has access to the data?
  2. What data protection training have those individuals received?
  3. What security measures do those individuals work with?
  4. What data breach notification and alert procedures are in place?
  5. What procedures are in place for government requests?

Subject access rights

  1. How does the data subject exercise their access rights?
  2. How does the data subject exercise their right to data portability?
  3. How does the data subject exercise their right to erasure (the right to be forgotten)?
  4. How does the data subject exercise their rights to restrict processing and to object to it?

Legal

  1. Are the obligations of all data processors, including subcontractors, covered by a contract?
  2. If the data is transferred outside the European Union, what are the protective measures and safeguards?

Risks

  1. What are the risks to the data subjects if the data is misused, accessed without authorization, or breached?
  2. What are the risks to the data subjects if the data is modified?
  3. What are the risks to the data subjects if the data is lost?
  4. What are the main sources of risk?
  5. What steps have been taken to mitigate those risks?