Privacy Impact Assessments
Guidance on Privacy Impact Assessments
When University staff are considering adopting new administrative systems and other processes with possible privacy implications, or updating existing systems or processes, they should consider undertaking a Privacy Impact Assessment (PIA) in the early stages of a project to identify any potential privacy issues and risks, and seek ways to avoid, minimise or at least improve privacy concerns.
Guidance on privacy impact assessments, which includes advice on when a PIA should be carried out, who should be involved and what form the process might take, is available in Section 10 of the Data Protection Code of Practice.
The University PIA template form and guidance are available below:
PIA template Nov 2018.doc
University Guide to PIAs Nov 2018.pdf
For assistance and guidance on conducting a PIA please contact the University's Information Governance Manager.