Privacy Impact Assessment Paper

A privacy impact assessment (PIA) is a decision tool that can analyze of how personal information is collected, used, and maintained in a program. The purpose of a PIA is to prove that system owners or program managers consciously implement privacy protections throughout their development life cycle for their programs. In fact, the E-Government Act of 2002 requires for program managers to implement a PIA because it can help improve management and promotion (Privacy Impact Assessments. n.d). A PIA is a great tool that can be used to increase communication on how we can handle and address many of the privacy concerns that are still being faced today. There are a variety of practices that a federal IT manager can implement when they are preparing
One practice that should not be recommended is data mining. Many data mining systems that are used do not provide the necessary privacy protections leaving an organization at risk to protecting the confidentiality of an individual’s privacy. It is recommended that the data mining system should be deactivated until a PIA is approved that includes the system as a component being used in the PIA (Wilshusen, G. C. 2012). Another worst practice that should not be used is the use of excessive data collecting. With increase collecting private information from individuals can also lead into an increased risk of potential data breaches. It is recommended for an IT manager to limit the collection of personal information and to limit the time of how the data they collect is retained. Lastly, one worst practice that an IT manager should not implement is the use of swapping data. Swapping data is where a user replaces certain parts of the records with another similar record. This practice is ineffective and it is not recommended to be implement due to the privacy risks that can be implemented. These are some of the worst practices that an IT manager should avoid while they protect the individuals private