X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 111 / 158

491 views

0 shares

0 downloads

0 comments

111 / 158

U.S. Department of Health and Human Services

A PIA is an assessment process for identifying and mitigating the privacy risks posed by an information system. At a minimum, PIAs must analyze and describe the following:

What information is to be collected;

Why the information is being collected (e.g., to determine eligibility);

Intended use of the information (e.g., to verify existing data);

With whom the information will be shared (e.g., another agency for a specified programmatic purpose);

What opportunities individuals have to decline to provide information (i.e., where providing information is voluntary) or to consent to particular uses of the information (other than required or authorized uses), and how individuals can grant consent;

How the information will be secured (i.e., management, operational, and technological controls); and

Whether a system of records is being created under the Privacy Act, 5 U.S.C. 552a.

Page 3 of 9

System Security Testing

Privacy Impact Assessment (PIA)

Document info
Document views491
Page views491
Page last viewedMon Jan 16 20:48:45 UTC 2017
Pages158
Paragraphs2058
Words16945

Comments