Privacy Impact Assessment (PIA)

A Privacy Impact Assessment (PIA) is a risk management and compliance review process used to identify and address potential information privacy and security issues, thus avoiding costly program, service, or process redesign and minimizing exposure to potential privacy breaches.

Why is a PIA required?
British Columbia’s Freedom of Information and Protection of Privacy Act (FIPPA) requires public bodies such as UBC to conduct a PIA for all new or substantially modified initiatives. An “initiative” refers to an enactment, system, project, program, or activity that supports University business.

Overall accountability for the PIA process resides with the University Counsel, under whose guidance the PrISM unit of UBC’s Safety & Risk Services (SRS) handles the PIA process.

PIA PROCESS OVERVIEW

Learn more about the PIA process and UBC’s risk-based approach

PIA GUIDELINES & TOOLS

Review expected use of standard services and tools

FAQ

Frequently Asked Questions

PIA INQUIRY

Request information about the PIA process, status, or project feasibility

REQUEST A PIA

Request a PIA for a project, initiative, or business event

PIA REPORTS

View completed Privacy Impact Assessment Reports