A proper Privacy Impact Assessment (PIA) must follow specific industry frameworks. One of them is known as the Generally Accepted Privacy Principles (GAPP). These are the same fundamental principles used to build the Canadian and American Privacy legislations such as PIPEDA and the Privacy Act, which you are assessing against.
This is why a generic assessment will waste valuable time and resources without meeting your compliance needs. Someone proposing this approach would probably have very little experience with Privacy.
Your Privacy compliance should be handled by a certified Privacy professional.
Strata Privacy professionals are trained and accredited by the International Association of Privacy Professionals (IAPP). We strictly follow the IAPP and GAPP guidelines for conducting PIAs.
In general, a PIA is required in the early stages or a project, usually during the definition phase of a new program or system which requires the collection and storage of personal information. As part of this process, potential privacy risks and implications are identified and qualified.
We deliver value by:
Providing a complete view of the privacy practices in place
Conducting a detailed analysis of all personal information being collected and disseminated through various relationships with other entities
Offering pragmatic solutions to effectively manage privacy issues associated with the initiative
Ensuring that your program or system is compliant with all applicable legislations and policies
A PIA will demonstrate that privacy remains a priority throughout the development cycle of your initiative or program.
Contact us today to get started.