DON Privacy Impact Assessment Guidance
DTG 181430Z MAY 09 - Publish Date: 05/18/09
This Naval message implements the Department of Defense Privacy Impact Assessment (PIA) guidance of Feb. 12, 2009, for the Department of the Navy. The following is highlighted:
- The guidance expands PIA coverage from just members of the public to include Federal personnel, Federal contractors, and Foreign Nationals employed at U.S. military facilities abroad.
- PIAs are required for legacy systems and electronic collections where a PIA had not previously been completed.
- PIAs are required to be reviewed and updated as necessary at least every three years in conjunction with the certification and accredidation cycle.
- The new DoD PIA form must now be completed and signed for all DON IT systems whether they collect PII or not (i.e, a partial PIA verifying that the IT system does not collect PII or a full PIA for those that do).