New PIA Guide from ICO

June 9, 2009

The latest version of the Privacy Impact Assessment (PIA) handbook was launched by the ICO on 5 June. The handbook is designed to be user-friendly and to help organisations address the risks to personal privacy before implementing new initiatives and technologies. The handbook can be accessed here.  

The ICO took the opportunity to urge organisations always to consider the impact on individuals’ privacy before developing new IT systems or changing the way they handle personal information. Jonathan Bamford, Assistant Information Commissioner at the ICO, said: ‘For the public to have trust in an organisation, individuals must be confident that their information is held securely and processed in line with the Data Protection Principles. Each time someone gives away their personal information this not only puts the data at risk, they can leave a footprint creating a detailed picture of aspects of their daily lives. Therefore, it is essential that, before introducing new systems and technologies which could accelerate the growth of a surveillance society, full consideration is given to the impact on individuals and that safeguards are in place to minimise intrusion’.


He continued: ‘Privacy impact assessments are a common sense approach to help organisations develop privacy friendly ways of working. The new PIA handbook is more accessible and will aim to assist organisations in protecting people’s personal information and ensuring that privacy safeguards are built into systems at the outset rather than bolted on as an inadequate and expensive afterthought.’


Following the HMRC data breach in November 2007 the Cabinet Office introduced a mandatory procedure for all central government departments and their agencies to adopt Privacy Impact Assessments when developing new systems. The ICO encourages all organisations to incorporate data protection safeguards into any new project involving personal information.