PIA (Privacy Impact Assessment)

A Privacy Impact Assessment (PIA) is a Methodology (or a systematic process) for assessing the impact on privacy of a project, policy, program, service, product or other initiative that involves the processing of personal information and, in consultation with stakeholders, for taking remedial actions as necessary in order to minimise negative privacy impacts.

With the recent requirements developed by various organisations to meet EU Mandate 436 in relation to "Information and Communication technologies applied to RFID and Systems", the CSG has prepared a framework template to help address the need for all stakeholders involved in distributing and operating RFID applications to undertake a Privacy Impact Assessment (PIA).

This framework sets out to accomplish two purposes:

  • Provide a template PIA for the common elements of the Contactless payment application, as well as possibility to add details of the individual implementation specificities; and
  • Provide a uniformed approach to use in documenting PIA for each product configuration across all entities

The CSG, through the work of its specialist ‘Privacy Impact Assessment Expert Team (PIA-ET)’ offers the downloadable template to all interested stakeholders to use as guidance for their own assessment process.

The template will be reviewed by the PIA-ET on a regular basis. Should you have any feedback or share your experiences on its use or layout, feel free to contact the CSG Secretariat.

 

 

You can download the CSG PIA Template Here:

CSG 024-15v1.0 - Privacy Impact Assessment Template.docx