X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 111 / 158

391 views

0 shares

0 downloads

0 comments

111 / 158

U.S. Department of Health and Human Services

A PIA is an assessment process for identifying and mitigating the privacy risks posed by an information system. At a minimum, PIAs must analyze and describe the following:

What information is to be collected;

Why the information is being collected (e.g., to determine eligibility);

Intended use of the information (e.g., to verify existing data);

With whom the information will be shared (e.g., another agency for a specified programmatic purpose);

What opportunities individuals have to decline to provide information (i.e., where providing information is voluntary) or to consent to particular uses of the information (other than required or authorized uses), and how individuals can grant consent;

How the information will be secured (i.e., management, operational, and technological controls); and

Whether a system of records is being created under the Privacy Act, 5 U.S.C. 552a.

Page 3 of 9

System Security Testing

Privacy Impact Assessment (PIA)

Document info
Document views391
Page views391
Page last viewedMon Dec 05 16:41:03 UTC 2016
Pages158
Paragraphs2058
Words16945

Comments