This guide provides an overview of Privacy Impact Assessments, a template for practitioners on how to develop appropriate PIA questions, a glossary of relevant terms, a model legislation, a draft governor’s executive order, guidance for implementing the E-Government Act of 2002, social media resources, and an explanation of the Fair Information Practice Principles.
A Privacy Impact Assessment (PIA) allows an entity to examine its Privacy, Civil Rights, and Civil Liberties (P/CRCL) Policy risks stemming from the entity’s information system and sharing activities. This document describes the importance of PIA and helps practitioners at state, local, tribal, and territorial (SLTT) justice entities as they examine the privacy implications of their information systems and information sharing collaborations, so they may design and implement policies to address vulnerabilities identified in the PIA process. The PIA overview provided in this guide presents the history and development of the PIA process and why it is important. The guide also lays out where PIA fits into the steps for developing the P/CRCL Policy, as well as other details such as benefits, who is responsible for conducting the PIA, its components, and its goals and purposes. Appendix A provides a Template PIA, and other appendixes include model legislation, a sample executive order, office management and budget memorandum, and more.