Privacy Impact Assessments (PIA)

General Information

Section 208 of the E-Government Act of 2002 helps to ensure that agencies put in place sufficient protections for the privacy of personal information in implementing a citizen-centered electronic government. It requires agencies to conduct Privacy Impact Assessments (PIAs) for information technology (IT) systems or projects that collect, maintain or disseminate information in identifiable form from or about members of the public or when initiating a new electronic collection of information in identifiable form for 10 or more persons (excluding agencies, instrumentalities, or employees of the federal government).

Among other things, the PIA process requires agencies to review what information is collected, why the information is collected, how the information will be used by the agency, with whom the information will be shared, and how the information is handled and secured when using IT to collect new information or when developing or buying new IT systems to handle collections of personally identifiable information. PIAs conducted for "major information systems," as defined in OMB Circular A-130 (Section 6.u.) and OMB Circular A-11 (section 300-4 (2003)), reflect more extensive analysis of the consequences of collection and flow of information, the alternatives to the collection and handling as designed, the appropriate measures to reduce risks identified for each alternative, and the rationale for the final design choice or business process.

In general, agencies are required to make PIAs publicly available through publication in the Federal Register or through posting on agency websites.

Objectives

The objectives of a PIA include:

  1. Provide a tool to make informed policy and system design or procurement decisions based on an understanding of privacy risks and options available for mitigating these risks.
  2. Ensure that system and program managers are accountable for the proper handling of privacy issues.
  3. Establish a consistent format and structured process for analyzing both technical and legal compliance with applicable privacy laws and regulations, as well as accepted privacy policy.
  4. Provide basic documentation on the flow of personal information within systems for use and review by policy, program, and management staff; systems analysts; and security specialists.
  5. Provide the public with assurances that their personal information is protected.

Privacy Impact Assessments

The following are official Privacy Impact Assessments (PIAs) of significant initiatives at the U.S. Department of Education. PIAs are available in .pdf format:

Federal Student Aid

  1. download files PDF [60K] Student Aid on the Web (SAOTW) - September 5, 2003
  2. download files PDF [66k] Common Origination and Disbursement (COD) - February 3, 2005
  3. download files PDF [67k] Electronic Campus-Based System (eCBS) - August 30, 2005
  4. download files PDF [47k] Enterprise Management Support System (EMSS) - April 3, 2006
  5. download files PDF [60k] Common Services for Borrowers (CSB) - June 23, 2006
  6. download files PDF [94K] Ombudsman Case Tracking System (OCTSv3.0) - July 19, 2006
  7. download files PDF [100k] Virtual Data Center (VDC) - August 1, 2007.
  8. download files PDF [54K] Financial Management System (FMS) - October 18, 2007
  9. download files PDF [62K] Electronic Cohort Default Rate Appeals System (eCDR) - December 7, 2007
  10. download files PDF [64K] National Student Loan Data System (NSLDS) - November 16, 2007
  11. download files PDF [50K] Postsecondary Education Participate System (PEPS) - March 17, 2008
  12. download files PDF [57K] Student Aid Internet Gateway (SAIG) - May 1, 2008
  13. download files PDF[58K] Conditional Disability Discharge Tracking System (CDDTS) - June 10, 2008
  14. download files PDF [60K] Debt Management and Collections System (DMCS) - June 10, 2008
  15. download files PDF [66K] Direct Loan Consolidation System (DLCS) - June 10, 2008
  16. download files PDF [66K] Direct Loan Servicing System (DLSS) - June 10, 2008
  17. download files PDF [111k] FAFSA on the Web - July 7, 2008
  18. download files MSWord [335k] ZOOMERANG - January 23, 2009

Office of the Chief Financial Officer

  1. download files PDF [46k] Travel Manager System - January 4, 2005
  2. download files PDF [63k] Grants Administration and Payment System (GAPS) - January 4, 2005
  3. download files PDF [120k] Education's Central Automated Processing System (EDCAPS) - August 10, 2007

Office of the Chief Information Officer

  1. download files PDF [46k] Educate - September 3, 2008

Office for Civil Rights

  1. download files PDF [106k] Case and Activity Management System (CAMS) - August 10, 2007

Office of Communications and Outreach

  1. download files PDF [87 k] Presidential Scholars Program - November 2006
  2. download files PDF[87K] Secretary's Blog - August 6, 2008

Office of Elementary and Secondary Education

  1. download files PDF [108k] Migrant Student Information Exchange (MSIX) - May 24, 2006
Office of Inspector General
  1. download files PDF [100k] Data Analysis System - November 16, 2007
  2. download files PDF [90k] IES Predoctoral and Postdoctoral Fellows Survey - August 2008
  3. download files PDF [55k] OIG LAN - August 6, 2008

Office of Management

  1. download files PDF [106k] FOIAXpress - August 27, 2007
  2. download files PDF [109k] EDSTAR System - September 2007
  3. download files MSWord [244k] EDPUBS - December 12, 2008

Office of Postsecondary Education

  1. download files PDF [71k] Jacob K. Javits Fellowship System - September 28, 2007
  2. download files PDF [55k] TRIO Programs Annual Report (APR) System - May 20, 2008

Office of the Secretary

  1. download files PDF [116k] Secretary's Communications Control System - April 21, 2008

Office of Special Education and Rehabilitative Services

  1. download files PDF [67k] Case Service Report - April 14, 2008

 
Print this page Printable view Send this page Share this page
Last Modified: 01/26/2009