Privacy Impact Assessments

By Cybersecurity Implementation and Synchronization Directorate, Army Deputy Chief of Staff, G-6September 17, 2020

Privacy Impact Assessments (PIAs) are required by Section 208 of the E-Government Act for all Federal agencies that develop or procure new information technology involving the collection, maintenance, or dissemination of information in identifiable form. It is also required when substantial changes are made to existing information technology that manages information in identifiable form.

A PIA is an analysis of how information in identifiable form is collected, stored, protected, shared, and managed. The purpose of a PIA is to demonstrate that system owners and developers have incorporated privacy protections throughout the entire life cycle of a system. The Act requires the Army to make PIAs publicly available, except when the Army, in its discretion, determines publication of the PIA would raise security concerns, reveal classified (i.e., national security) information, or sensitive (e.g., potentially damaging to a nation interest, law enforcement effort or competitive business interest contained in the assessment) information.

Please contact Army CIO, Enterprise Services Agency, Army Records Management Directorate via email at For more information on PIAs, please refer to the following links:

Policy and Instructions