Privacy impact assessments About the university

Privacy is the right to be left alone, or freedom from interference or intrusion. Assessments into the risk of a loss of privacy for individuals will be made by staff in certain circumstances.

Assessments into the risk of a loss of privacy for individuals should be made by staff in certain circumstances, such as the following:

  • Projects / plans / proposals
  • Administrative systems with privacy implications
  • Outsourcing a system
  • Methods of electronic communications
  • IT systems
  • Sharing of personal data with other bodies
  • Surveys
  • New or different use of personal data
  • Policies, or statutory duties
  • Whenever there is a potential for damage or distress to individuals

Retrospective PIAs can be undertaken.

Privacy Impact Assessment Template for staff. Staff should aim to complete and send PIAs to Compliance as soon as possible at the beginning of any of the above. Compliance will aim to get back to staff with first comments within 10 working days.