ICO launches consultation on its PIA code



The Privacy Impact Assessment (PIA) Code of Practice is intended to replace the ICO's current Privacy Impact Assessment PIA) Handbook. The ICO says it wishes to produce a practical guide to help organisations conduct assessments of new projects that involve the use of personal information.

The consultation on this draft code will close on 5 November. The ICO seeks views, for example, on whether the draft code of practice explains clearly why and how an organisation should conduct a PIA. The ICO is also keen to hear from organisations how the PIA process could be integrated with project management methodologies.

The ICO says that conducting a PIA does not have to be complex or time-consuming. The PIA methodology should be as flexible as possible so that it can be integrated with an organisation's existing ways of working.

Conducting a PIA is not a legal requirement of the DP Act. The ICO will support sectoral groups which wish to develop a PIA methodology to apply to their particular sector.

See the draft Code.

See video clips on PIAs from last month's PL&B's Annual International
Conference.