You are here

Privacy Impact Assessments

The Privacy Impact Assessment (PIA) is a decision tool used by DHS to identify and mitigate privacy risks that notifies the public:

  • What Personally Identifiable Information (PII) DHS is collecting;
  • Why the PII is being collected; and
  • How the PII will be collected, used, accessed, shared, safeguarded and stored.

All DHS PIAs are listed (left) by DHS Program or by Component, e.g., CBP.

A PIA should accomplish three goals:

  1. Ensure conformance with applicable legal, regulatory, and policy requirements for privacy;
  2. Determine the risks and effects; and
  3. Evaluate protections and alternative processes to mitigate potential privacy risks.

DHS conducts a PIA when:

  • Developing or procuring any new technologies or systems that handle or collect PII.
  • Creating a new program, system, technology, or information collection that may have privacy implications.
  • Updating a system that results in new privacy risks.
  • Issuing a new or updated rulemaking that entails the collection of PII.
Last Published Date: November 25, 2020

Was this page helpful?

This page was not helpful because the content:
Back to Top