Privacy Impact Assessments
Further guidance on privacy impact assessments is available in Section 10 of the Data Protection Code of Practice.
When University staff are considering adopting new administrative systems and other processes with possible privacy implications, or updating existing systems or processes, they should consider undertaking a Privacy Impact Assessment (PIA) in the early stages of a project to identify any potential privacy issues and risks, and seek ways to avoid, minimise or at least improve privacy concerns. This guidance includes advice on when a PIA should be carried out, who should be involved and what form the process might take.
Download the Guidance on Privacy Impact Assessments
Template Small Scale Privacy Impact Assessment
This template for conducting a Privacy Impact Assessment has been developed from the UK Information Commissioner’s guidance for use in the early stages of project or process design.
Download the Template Small Scale Privacy Impact Assessment