A Privacy Impact Assessment (PIA) is an analysis of how personally identifiable information (PII) is handled in DoD information systems or electronic collections. The PIA examines and evaluates protections for handling information to mitigate potential privacy risks. A PIA also analyzes and describes the following information about a system:
- What information is being collected?
- Why the information will be collected?
- What is the intended use of the information?
- With whom will the information be shared?
- How will the information be secured?
The Defense Health Agency (DHA) PIA program coordinates the PIA process within DHA, in compliance with the E-Government (E-Gov) Act of 2002, Section 208, OMB M-03-22, and DoDI 5400.16.
The DHA PIA team assists information system owners and developers who collect, maintain and/or disseminate PII in demonstrating the incorporation of required protections throughout the entire life cycle of a system.
You also may be interested in...
Fact Sheet
7/28/2016
This Information Paper provides an overview of Privacy Impact Assessment (PIA).
Recommended Content:
Privacy Impact Assessments
Form/Template
3/31/2016
The purpose of the PTA is to identify if a system contains personally identifiable information (PII); and determine whether a Privacy Impact Assessment (PIA) is required, whether a System of Records Notice (SORN) is required, and if any other privacy requirements apply to the information system.
Recommended Content:
Privacy Impact Assessments | Privacy and Civil Liberties
Form/Template
3/21/2016
The DHA PIA Guide addresses the common issues encountered during the completion of a PIA. This PIA Guide enhances the assessment process and helps the DHA Privacy and Civil Liberties Office efficiently conduct a PIA review to completion.
Recommended Content:
Privacy Impact Assessments
Policy
This Instruction establishes policy and assigns responsibilities for completion and approval of PIAs in accordance with the guidance in DoD Instruction 5025.01 and the authority in DoD Directive 5144.1.
Fact Sheet
4/16/2015
The Military Health System (MHS) Privacy Impact Assessment (PIA) Process Overview describes how to submit a PIA.
Recommended Content:
Privacy Impact Assessments
Policy
This Regulation is reissued under the authority of DoD Directive 5400.11, “DoD Privacy Program,” May 8, 2007. It provides guidance on section 552a of title 5 United States Code (U.S.C.), the Privacy Act of 1974, as amended, and prescribes uniform procedures for implementation of the DoD Privacy Program.
Policy
This Instruction reissues and renames DoD Directive (DoDD) 8500.01E as a DoD Instruction (DoDI) pursuant to the authority in DoDD 5144.02 to establish a DoD cybersecurity program to protect and defend DoD information and information technology (IT).
Policy
This Instruction reissues and renames DoD Instruction (DoDI) 8510.01 in accordance with the authority in DoD Directive (DoDD) 5144.02. It also establishes the RMF for DoD IT (referred to in this Instruction as “the RMF”), establishing associated cybersecurity policy, and assigning responsibilities for executing and maintaining the RMF.
Showing results 1 - 15
Page 1 of 2