Privacy by design
On this page
- Assess privacy risks early, so your design anticipates and addresses them
- Complete a privacy impact assessment to minimise privacy risks
‘Privacy by design’ is a process for embedding good privacy practices into the design specifications of technologies, business practices and physical infrastructures. This means building privacy into the design specifications and architecture of new systems and processes.
It’s more effective and efficient to manage privacy risks proactively, rather than to retrospectively alter a product or service to address privacy issues that come to light.
To build privacy in, you need to understand the privacy impacts. A privacy impact assessment is the best way to do this.
Complete a privacy impact assessment
A privacy impact assessment (PIA) is a systematic assessment of a project that identifies the impact that the project might have on the privacy of individuals, and sets out recommendations for managing, minimising or eliminating those impacts.
Completing a PIA can be straightforward, the important thing is to turn your mind to the privacy risks.
Each PIA will vary depending on the nature and extent of personal information that is involved in a project. However, there are some general principles that consistently apply to PIAs.
- needs to consider the privacy risks and mitigation strategies for a project, it’s not just a basic compliance check
- should be done at a stage that is early enough for it to influence how the project proceeds (for example, at the planning and design or business case stage)
- should evolve with a project (an effective PIA will contemplate privacy risks that might arise if a project expands in scale or scope; when the project changes, the PIA should be revisited and updated)
- should incorporate feedback on privacy risks from stakeholders that might be interested or affected by a project
- will map how information is collected as part of a project, and once it is collected, how the information will flow (who can access it, how it will be stored, what it will be used for, and so on)
- should identify any privacy issues and suggest ways that the privacy risks can be managed, minimised or eliminated (using the information flow map)