Privacy Impact Assessments (PIA)
A Privacy Impact Assessment (PIA) is an analysis of how Personally Identifiable Information (PII) is collected, used, shared, and maintained by federal agencies and components. The purpose of a PIA is to demonstrate that program managers and system owners consciously incorporate privacy protections throughout the development life cycle of a system or program.
Section 208 of the E-Government Act of 2002 establishes Government-wide requirements for conducting, reviewing, and publishing PIA. DoD guidance directs all DoD components to conduct reviews of how privacy issues are considered when purchasing or creating new Information Technology (IT) systems or when initiating new electronic collections of information in personally identifiable form.
The PIA addresses privacy factors for all new or significantly altered Information Technology (IT systems or projects that collect, maintain, or disseminate personal information from or about members of the public, Federal personnel contractors, or Foreign Nationals employed at U.S. military facilities internationally). Further, it allows government agencies to communicate more clearly with the public about how we handle information, particularly how we address privacy concerns and safeguard information.
List of DFAS PIAs