Section 208 of the E-Government Act of 2002 establishes government-wide requirements for conducting, reviewing and publishing Privacy Impact Assessments (PIA). The PIA directs agencies to conduct reviews of how privacy issues are considered when creating or purchasing new information technology (IT) systems or when initiating new electronic collections of information in identifiable form. A PIA addresses privacy factors for all new or significantly altered IT systems or projects that collect, maintain or disseminate personal information from members of the public and Department of the Army military, civilian, or contractor personnel. PIAs are conducted and maintained for systems that meet that criteria. The Department of Defense (DoD) Chief Information Officer issued an update to DoD Instruction NUMBER 5400.16, dated February 12, 2009 directing that PIAs be performed on systems that contain Personal Identifiable Information (PII) on Federal personnel, DoD contractors and, in some cases, Foreign Nationals.
The PIA helps ensure that individuals’ PII in electronic form is collected only when necessary, and that the supporting IT experts protect and preserve the privacy of the American public in a manner that maximizes the protection of privacy and security while ensuring continuity of service to American citizens.
The Department of the Army has PIAs on file and available for public viewing upon request. Please contact the Army’s CIO-G6 Privacy Impact Assessment Team via email at firstname.lastname@example.org for more information on PIAs, or refer to the following links:
Links to PIA Guidance