Privacy impact assessments

A privacy impact assessment (PIA) is a systematic assessment of a project that identifies potential privacy impacts and recommendations to manage, minimise or eliminate them.

To be effective, a PIA should be an integral part of the project planning process: it can help facilitate a privacy-by-design approach, identify better practice and help ensure compliance with the Privacy Act. Australian Government agencies are also required to undertake a PIA for all high privacy risk projects.

Guide to undertaking a PIA e-learning: Undertaking a PIA

Businesswoman examining documents at desk 515444656 7952x5304

Resources

Guide to undertaking privacy impact assessments

Our suggested ten step PIA process, intended for all APP entities

Privacy impact assessment tool

Download our PIA tool to help you conduct and report on your assessment

10 steps to undertaking a privacy impact assessment

Printable poster

Privacy by design

Assess privacy risks early in a design to minimise them

Assessing privacy risks in changed working environments: Privacy Impact Assessments

Tips on key privacy issues to consider in remote working arrangements

Guidance for Australian Government agencies

When do agencies need to conduct a privacy impact assessment?

A guide and template to help agencies complete a PIA

Australian Government Agencies Privacy Code

Find out who the Code applies to, and what it requires

Privacy Officer Toolkit

What you need to know to carry out the Privacy Officer functions in your agency