Completed Privacy Impact Assessments
The Office of the Auditor General of Canada (OAG) reinforces privacy management across the Office through the development of Privacy Impact Assessments (PIAs).
A Privacy Impact Assessment is an evaluation process which allows the OAG to assess and evaluate privacy, confidentiality or security risks associated with the collection, use or disclosure of personal information, and to develop measures intended to mitigate and eliminate identified risks.
In accordance with the Privacy Impact Assessment Policy, the OAG will conduct Privacy Impact Assessments for all new and significantly redesigned systems, programs, or activities involving the collection, use, disclosure, retention, or destruction, collectively referred to as “processing,” of personal information that raises unique or additional privacy, confidentiality, or security risks.
Institutions must develop and maintain PIAs to evaluate whether program and service delivery initiatives involving the processing of personal information comply with privacy requirements and to resolve privacy issues that may be of potential concern.
Under Treasury Board Policy, all departments and agencies must conduct PIAs for proposals of all new programs and services that raise privacy issues. The PIA goes through an internal approval process, including approval by the Access to Information and PrivacyATIP Coordinator and Legal counsel. Completed assessments are also sent to the Office of the Privacy Commissioner for review.
Below are links to the summaries of all Privacy Impact Assessments completed by the OAG: