Privacy Impact

Privacy - The right to control who has access to their personal information, and under what circumstances. Managing process will be a significant management and financial burden for companies as they try to comply with new privacy legislation.

At SRG our Privacy Impact Assessment (PIA) provides a consistent, industry recognized framework to ensure that privacy is considered throughout the design or re-design of your organisations IT programs and services. The PIA will assist managers and decision-makers in identifying, assessing, and managing privacy risks. Our PIA promotes fully informed policy decision-making and system design choices.

 
Departments and agencies will benefit from the PIA by avoiding unnecessary collection and maintenance of personal information, a daunting challenge facing management and executives today. A PIA will allow your company to manage these costs efficiently.

Our Privacy Impact Assessments are a comprehensive process that will:

  • Assist private agencies and government institutions in determining the effects of program and service delivery initiatives on individual privacy.
  • Assess privacy-related issues in the collection, use and disclosure of personal or personal health information
  • Help agencies and institutions ensure that the appropriate steps are taken to mitigate any privacy-related risks.

The steps below illustrate SRG Security Resource Groups general process for completing a PIA.
 
Step 1: Project Initiation
  • Define Scope of PIA
  • Designate team members
  • Adapt SRG PIA tools to align with scope
Step 2: Information Analysis
  • Describe business process
  • Identify personal information in business processes
  • Create detailed data flow charts
Step 3: Privacy Analysis
  • Complete privacy analysis questionnaires
  • Clarify any required questionnaire details
  • Describe privacy issues and implications
Step 4: Privacy Impact Assessment Report
  • Summarize privacy risks and degree of risks
  • Identify, discuss and recommend options to mitigate risks or collection
  • End with other considerations (if any) and path forward



 ©  2008 Security Resource Group Inc.
All Rights Resered.