Office of the Privacy Commissioner | Privacy Impact Assessment Toolkit
A privacy impact assessment (PIA) is a way for organisations to assess and address privacy risks when they’re collecting, using, or sharing personal information.
Doing a PIA will help your organisation:
- check whether your project compiles with privacy laws
- identify and minimiase privacy risks (e.g. data breaches)
- give customers or clients certainty that their information is safe
- improve your information management systems.
There are real risks for your organisation if your project involves personal information, or intrudes on people’s privacy, and you don’t do a PIA. We’ve developed tools and documents (listed below) to help you succeed.
If you're unsure whether you need a PIA, fill out our brief privacy analysis template, which will help you decide.
- How to do a Privacy Impact Assessment: A step-by-step guide to successfully completing a privacy impact assessment
- Privacy Impact Assessment template: A template document to work through your project’s privacy impacts
- Brief Privacy Analysis template: Use this template to check whether you need to do a full privacy impact assessment
- Risk and Mitigation Table template: A risk and mitigation table helps you identify, describe, and manage potential privacy risks involved in your project