Manitoba Ombudsman releases revised Privacy Impact Assessment ToolReturn to listing
Oct 8, 2015
Manitoba Ombudsman releases revised Privacy Impact Assessment Tool
Manitoba Ombudsman has developed a user friendly Privacy Impact Assessment Tool that encourages organizations to think about privacy when evaluating an existing or proposed program, service or activity. This Privacy Impact Assessment Tool replaces the Compliance Review Tool for Manitoba’s Information Privacy Laws, developed by Manitoba Ombudsman in 2003.
Under The Freedom of Information and Protection of Privacy Act (FIPPA) and The Personal Health Information Act (PHIA), public bodies and trustees (organizations) have specific privacy obligations that govern how they collect, use and disclose the public’s personal and personal health information.
“We wanted to create a tool that supports organizations in assessing privacy risks when planning or evaluating an initiative that involves personal or personal health information,” said Manitoba Ombudsman Charlene Paquin. “If potential privacy risks are identified, reasonable steps can be taken to safeguard information and minimize risk.”
A privacy impact assessment (PIA) is recommended to:
determine when and how a project will impact privacy
save time and money by identifying privacy issues early in the design stage
assist organizations in exercising due diligence
address any privacy risks
assure the public that their personal and personal health information will be managed and safeguarded appropriately
Although a privacy impact assessment (PIA) is not a legal requirement under FIPPA and PHIA, organizations may have policies in place that require a PIA to be completed in some circumstances. This PIA tool is not intended to replace any other existing processes or tools.
The Privacy Impact Assessment Tool is available in print and on the Manitoba Ombudsman website at https://www.ombudsman.mb.ca/info/privacy-impact-assessment.html. A fillable version of the questionnaire portion of the PIA tool is also available.