Office of the Saskatchewan Information and Privacy Commissioner. Guide to FOIP, Chapter 6, Protection of Privacy. Updated 27 February 2023. 316 Why do a PIA? • Risk mitigation • Save time and money • Confirms legal authority • Marketing/communications • Ethics • There are risks associated with NOT doing one: o The risk to the privacy of individuals o Loss of public trust and confidence o Risk to services, programs, or activities – electronic systems in particular o Risk of government and its employees being exposed to liability When to complete a PIA: Consider doing a PIA when you plan a: • New system or administrative practice. • Major change to an existing system or practice. • Review of existing systems, services, and practices to ensure that all privacy requirements continue to be met, identify new risks to privacy because of changing technology. How to complete a PIA:812 A privacy assessment involves much more than completing a form or a checklist. It is an assessment, risk identification and risk mitigation process that requires a variety of skills.813 1. Gather the right team of experts, specialists, and advisors. To carry it out properly, a variety of skill sets will be needed – such as program managers, technical specialists and privacy and legal advisors. 812 The information that follows has been sourced and adapted from Government of Manitoba, FIPPA for Public Bodies – Resource Manual, Chapter 6, Protection of Privacy at pp. 6-251 to 253. Available at Chapter (gov.mb.ca). Accessed December 17, 2022. 813 Adapted from Government of Manitoba, FIPPA for Public Bodies – Resource Manual, Chapter 6, Protection of Privacy at p. 6-247. Available at Chapter (gov.mb.ca). Accessed December 17, 2022.
RkJQdWJsaXNoZXIy MTgwMjYzOA==