Inventory of Privacy Impact Assessments
- Department-wide Programs
- Customs and Border Protection (CBP)
- U.S. Citizenship and Immigration Services (USCIS)
- Citizenship and Immigration Services Ombudsman (CISOMB)
- Federal Emergency Management Agency (FEMA)
- Federal Law Enforcement Training Center (FLETC)
- Immigration and Customs Enforcement (ICE)
- Management Directorate
- National Protection and Programs Directorate (NPPD)
- Office of Inspector General
- Operations Coordination & Planning
- Science & Technology (S&T)
- Transportation Security Administration (TSA)
- U.S. Coast Guard
- U.S. Secret Service
What is a Privacy Impact Assessment (PIA)?
A decision tool used by DHS to identify and mitigate privacy risks that notifies the public:
- What Personally Identifiable Information (PII) DHS is collecting;
- Why the PII is being collected; and
- How the PII will be collected, used, accessed, shared, safeguarded and stored.
A PIA should accomplish three goals:
- Ensure conformance with applicable legal, regulatory, and policy requirements for privacy;
- Determine the risks and effects; and
- Evaluate protections and alternative processes to mitigate potential privacy risks.
DHS conducts a PIA when:
- Developing or procuring any new technologies or systems that handle or collect PII.
- Creating a new program, system, technology, or information collection that may have privacy implications.
- Updating a system that results in new privacy risks.
- Issuing a new or updated rulemaking that entails the collection of PII.
Read our official guidance on the drafting of Privacy Impact Assessments, including document templates.