Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.

We respect your Do Not Track preference.

AskUs

What is a privacy impact assessment and how do I do one?

A privacy impact assessment (PIA) is a tool used by agencies to help them identify and assess the privacy risks arising from their collection, use or handling of personal information. A PIA will also propose ways to mitigate or minimise these risks.

A PIA can be particularly useful when an agency is considering introducing a new policy or operating system, or when making changes to an existing process.

Use our PIA toolkit for guidance on whether you should do a PIA and how to do a PIA.

Updated October 2025