A Privacy Impact Assessment (PIA) is an analysis of how personally identifiable information (PII) is handled in DoD information systems or electronic collections. The PIA examines and evaluates protections for handling information to mitigate potential privacy risks. A PIA also analyzes and describes the following information about a system:
- What information is being collected?
- Why the information will be collected?
- What is the intended use of the information?
- With whom will the information be shared?
- How will the information be secured?
The Defense Health Agency (DHA) PIA program coordinates the PIA process within DHA, in compliance with the E-Government (E-Gov) Act of 2002, Section 208, OMB M-03-22, and DoDI 5400.16.
The DHA PIA team assists information system owners and developers who collect, maintain and/or disseminate PII in demonstrating the incorporation of required protections throughout the entire life cycle of a system.
You also may be interested in...
Showing results 1 - 15
Page 1 of 2
Fact Sheet
7/28/2016
This Information Paper provides an overview of Privacy Impact Assessment (PIA).
Recommended Content:
Privacy Impact Assessments
Form/Template
3/31/2016
The purpose of the PTA is to identify if a system contains personally identifiable information (PII); and determine whether a Privacy Impact Assessment (PIA) is required, whether a System of Records Notice (SORN) is required, and if any other privacy requirements apply to the information system.
Recommended Content:
Privacy Impact Assessments, Privacy and Civil Liberties
Form/Template
3/21/2016
The DHA PIA Guide addresses the common issues encountered during the completion of a PIA. This PIA Guide enhances the assessment process and helps the DHA Privacy and Civil Liberties Office efficiently conduct a PIA review to completion.
Recommended Content:
Privacy Impact Assessments
Fact Sheet
4/16/2015
The Military Health System (MHS) Privacy Impact Assessment (PIA) Process Overview describes how to submit a PIA.
Recommended Content:
Privacy Impact Assessments
Fact Sheet
5/1/2014
Personally identifiable information (PII) is information that identifies, links, relates, or is unique to, or describes you. This also includes information which can be used to distinguish or trace your identity and any other personal information which is linked or linkable to you.
Recommended Content:
Privacy Act at DHA, Privacy Impact Assessments, HIPAA Compliance within the MHS, How HIPAA Protects You, Submit a Data Sharing Application, Breaches of PII and PHI, Freedom of Information Act, DHA Privacy Contract Language, Protect Humans in Research, Privacy Act and HIPAA Privacy Training
Policy
This Instruction reissues and renames DoD Directive (DoDD) 8500.01E as a DoD Instruction (DoDI) pursuant to the authority in DoDD 5144.02 to establish a DoD cybersecurity program to protect and defend DoD information and information technology (IT).
Policy
This Instruction reissues and renames DoD Instruction (DoDI) 8510.01 in accordance with the authority in DoD Directive (DoDD) 5144.02. It also establishes the RMF for DoD IT (referred to in this Instruction as “the RMF”), establishing associated cybersecurity policy, and assigning responsibilities for executing and maintaining the RMF.
Fact Sheet
7/1/2011
This Information Paper provides an overview of the E-Government (E-Gov) Act of 2002 mandating the use of machine-readable privacy policies by Federal agencies on websites used by the public.
Recommended Content:
Privacy Impact Assessments
Policy
This Memorandum requires Federal agencies to take specific steps to protect individual privacy whenever they use third-party websites and applications to engage with the public.
Showing results 1 - 15
Page 1 of 2