Multi-Jurisdiction Privacy Assessment

Privacy Assessment

Privacy Impact Assessments (PIA) are frequently required for new information initiatives in the public sector. A PIA audits an organization’s processes to determine how these processes support or compromise the privacy of personal information collected, held or processed by the organization.

Our privacy by design approach to projects promotes privacy and data protection compliance from the start. This proactive approach supports compliance with legislation across jurisdictions.

Project Objective

Review privacy practices surrounding an online outreach and data collection tool to be implemented across three provinces, highlighting areas of vulnerability and concern.

Approach

KI Design offered tailored information, access, and privacy services. Following the Privacy in Design method, we focused on issues most relevant to the organization. We provided privacy expertise, recommendations, and practical implementation tools to resolve privacy concerns regarding a pilot project for the organization’s online outreach tool.

We conducted a review in three stages:

Jurisdictional Analysis: Building a profile of the organization’s legal and contractual compliance with regulations within jurisdictions of operation.

Risk Measurement and Control Methods: Evaluating risk, reviewing control methods, implementing checklists, installing issue management systems and writing risk mitigation plans.

Providing practical solutions which could be implemented quickly for the pilot project.

At the end of the assessment, we ensured that systems and processes were in place to support the adoption and implementation of the outreach and data collection tool, along with appropriate privacy controls.

Methods

Highlights