NRM SDLC - Privacy
Protecting the privacy of personal information is a legislative requirement.
A PIA is created to ensure compliance with the Freedom of Information and Protection of Privacy Act when collecting, using or disclosing personal information.
A privacy impact assessment must be completed for any new or changes to applications. The initial assessment must be completed for all initiatives to determine whether personal information is involved.
A draft Privacy Impact Assessment (PIA) is required during the Initiation Phase to identify potential risks and impacts of collecting, using, and disclosing personal information. It is also a requirement to move to the Test environment through the Change Management process. A final PIA is required in the Design phase and is a requirement to move to the Production environment through the Change Management process.
Standards/Guidelines
BC Government Privacy Impact Assessment Process:
Templates
Deliverable Requisite
A Privacy Impact Assessment is mandatory for all project complexity levels.
Samples
There is no sample currently available.