Privacy Impact Assessment (PIA)

Privacy impact assessments (PIA) identify the privacy ramifications of business practices.

run an assessment of the current state of an org’s privacy practices
use a standard or framework
- ISO 27701
end result should be a privacy impact analysis
- identifies any places where the organization’s business practices handle personal information
- describes the impact of those practices on the organization’s legal and ethical privacy obligations

adam's notes