Privacy Impact Assessments

Section 208 of the E-Government Act of 2002 establishes Government-wide requirements for conducting, reviewing, and publishing Privacy Impact Assessments (PIA). The following guidance from DOD directs all DOD components to conduct reviews of how privacy issues are considered when purchasing or creating new Information Technology (IT) systems or when initiating new electronic collections of information in personally identifiable form. A PIA addresses privacy factors for all new or significantly altered Information Technology (IT systems or projects that collect, maintain, or disseminate personal information from or about members of the public - excluding information on DoD personnel). The OMB government-wide guidance directs all Federal agencies, including the Department of Defense, to conduct PIAs on a slightly broader category of individuals, i.e., including contractors. Therefore, the OUSD(A&S) guidance mirrors the OMB government-wide guidance and adheres to this standard.