The Essex website uses cookies. By continuing to browse the site you are consenting to their use. Please visit our cookie policy to find out which cookies we use and why. View cookie policy.

Working at Essex
Employee Voice survey Starting at Essex Equality, diversity and inclusion Employment policies, procedures and guidance Managing people Pay, rewards and benefits Pensions Taking leave Grading and reviews Professional development and training Recruiting staff Working flexibility Information and data UECS and Wivenhoe House staff Forums and networks
Teaching and learning
Academic standards and quality DBS checks for students Department student support roles Developing student success Exams and assessment Heads of Department Learning technologies Reading lists Staff awards and funding Student feedback Student wellbeing support and signposting Supporting students with disabilities and health conditions Supporting and welcoming new students Timetables
Research
Funding sources Making a funding application Research impact Promoting your research and research visibility Research governance Take part in research Managing an award Planning and assessment Knowledge exchange and commercialisation Research systems Repository and publishing Research management information Celebrating Excellence Awards
Our University
Brand Departments and schools Faculty support Freedom of information Governance Graduation Sustainability and biodiversity University partnerships
Services and facilities
Buildings, grounds and maintenance Crowdfunding Childcare Design, print and copy services Events, meetings and conferences Faith Centre Finance, planning and data insight Food and drink IT services Marketing and communications support Media Centre Parking Post and property services Professional Services teams Sport and recreation Strategic project delivery Student work experience and volunteering Theatre and arts on campus Travel, transport and accommodation Web support
Health, safety and wellbeing
Emergencies, security and safety Activities health and safety Equipment safety Health and safety support Fire safety Reporting health and safety incidents or concerns Risk assessment Safeguarding Work and study environments Working with physical agents Working with substances Your health and wellbeing
Online services
Email login Research Information System Research Repository Room booking form Unit4 Business World Phonebook Change your password
People and Culture
HR Organiser People Manager Develop at Essex Homepage Job vacancies
Academic
Moodle Libraries Academic departments FASER LEAP MyTutor Programme specifications Reading lists (Talis Aspire)
Info and help
Find your way campus map IT services Tableau Planning information portal Key dates Staff blog Report harassment Report a concern about student
Staff Directory Home Strategic project delivery Stage 1: Initiation and scoping Privacy impact assessment

Privacy impact assessment

The Project Manager must use a privacy impact assessment (PIA) to assess the impact on privacy during the lifecycle of a project. The following must be checked:

Impact Further action required 
Has no impact on privacy Where there is no impact on privacy no further action need be taken.
Has a minor impact on privacy Where there is a minor impact on privacy the Information Assurance Manager may ask the project manager to complete a privacy questionnaire. The outcome will be determined by the Information Assurance Manager in conjunction with the project manager. Any identified risks and recommendations are to be built into the project plans.
Has a major impact on privacy Where there is a major impact then a full Privacy Impact Assessment (PIA) should be undertaken, normally by the Information Assurance Manager, although an external consultant may be used.

If your project includes handling commercially sensitive information or information supplied under contract, or you have any queries about these documents, please contact the Information Assurance Manager infoman@essex.ac.uk.

Business case

The project Business Case should confirm that a checklist has been completed and whether or not the project will have an impact on privacy.

If the Information Assurance Manager has determined that a full PIA is necessary then the resource requirements for the project should include either the Information Assurance Manager’s time (normally five days), if they have capacity, or costs of an external consultant if a PIA is required. Consultancy cost will need to be part of the project budget.

Project reports

Project reports should report progress against recommendations arising from a PIQ or PIA.

Project risk registers should include risks identified by the PIQ or PIA.

Documentation

  1. Project Privacy Checklist - seven questions checklist for use by project managers. The outcome of the checklist is determined by the Information Assurance Manager, based on a standard scoring system.
  2. Project Privacy Questionnaire (.docx) - ten questions to be completed by project managers. The outcomes will include a set of risks identified and recommendations for mitigating those risks.
  3. Privacy Impact Assessment - investigative work carried out by the Information Assurance Manager. The outcomes will include a set of risks identified and recommendations for mitigating those risks.

Help and support

The Information Assurance Manager can be contacted for advice at any stage, infoman@essex.ac.uk

Project lifecycle stages
Stage 1: Project initiation and scoping
Stage 2: Project planning and defining the design and approach
Stage 3: Implementation readiness and delivery
Stage 4: Business as usual and benefits realisation
Arrow symbol
Contact us
Strategic Projects Office

  • University of Essex
  • Wivenhoe Park
  • Colchester CO4 3SQ

 

CONNECT WITH US
© 2024 University of Essex. All rights reserved