Best Practices for Conducting Privacy Impact Assessments PIAs in Government

1
Best Practices for Conducting Privacy Impact
Assessments (PIAs) in Government

• Moderator
• Paul Saunders, CEO, COAST Software

Wednesday, March 31, 2004
2
COAST Software

• COAST Software is an award winning provider of
  Web compliance management solutions
• Automated solutions for managing Web privacy,
  operational security, accessibility, corporate
  governance
• Trusted supplier to government
• Army, Library of Congress, Navy, GSA, Air Force,
  Marines

3
Privacy Impact AssessmentContent Requirements

• PIAs report on the impact of new/updated systems
  and data collection practices
• Content and structure will vary from organization
  to organization
• Privacy stakeholders should ask themselves
• What are the objectives of this system/practice?
• Do we have a clear understanding of where data
  resides?
• Do we know how the data is being handled?
• Do systems comply with current privacy policies?
• How will we monitor ongoing compliance?

4
The Panel

• Best practices are being formed by leading
  organizations such as the Department of Homeland
  Security and the US Census Bureau
• Elizabeth Withnell Acting Departmental
  Disclosure Officer, Legal Counsel to CPO
  Department of Homeland Security
• Gerald Gates Chief, Policy Office
• US Census Bureau