US flag signifying that this is a United States Federal Government website   Official website of the Department of Homeland Security

Homeland Security

Privacy Impact Assessments

The Privacy Impact Assessment (PIA) is a decision tool used by DHS to identify and mitigate privacy risks that notifies the public:

  • What Personally Identifiable Information (PII) DHS is collecting;
  • Why the PII is being collected; and
  • How the PII will be collected, used, accessed, shared, safeguarded and stored.

Privacy Impact Assessment (PIA) Inventory

All DHS PIAs can be found in the left navigation of this page, listed by DHS Program or by Component, e.g., CBP.

A PIA should accomplish three goals:

  1. Ensure conformance with applicable legal, regulatory, and policy requirements for privacy;
  2. Determine the risks and effects; and
  3. Evaluate protections and alternative processes to mitigate potential privacy risks.

DHS conducts a PIA when:

  • Developing or procuring any new technologies or systems that handle or collect PII.
  • Creating a new program, system, technology, or information collection that may have privacy implications.
  • Updating a system that results in new privacy risks.
  • Issuing a new or updated rulemaking that entails the collection of PII.

Read our official guidance on the drafting of Privacy Impact Assessments, including document templates.


Last Published Date: August 24, 2015

Was this page helpful?

Back to Top