Section 208 of the E-Government Act of 2002 establishes government-wide requirements for conducting, reviewing and publishing Privacy Impact Assessments (PIA), DD Form 2930. The PIA directs agencies to conduct reviews regarding the security of privacy data when creating or purchasing new information technology (IT) systems or when initiating new electronic collections of information in identifiable form. A PIA addresses privacy factors for all new or significantly altered IT systems or projects that collect, maintain or disseminate personal information from members of the public and Department of the Army military, civilian, or contractor personnel. PIAs are conducted and maintained for systems that meet that criteria.

The Department of Defense (DoD) Chief Information Officer in DoD Instruction 5400.16, directed that PIAs be performed on systems that contain Personal Identifiable Information (PII) on Federal personnel, DoD contractors and, in some cases, Foreign Nationals The PIA helps ensure that individuals' PII in electronic form is collected only when necessary, and that the supporting IT experts protect and preserve the privacy of the personnel in a manner that maximizes the protection of privacy and security while ensuring continuity of service to American citizens. National Security Systems (NSS) must protect the PII they collect, but are not required to submit a PIA.

The Department of the Army has PIAs on file and available for public viewing upon request. Please contact the Army's Deputy Chief of Staff G-6, Privacy Impact Assessment Team via email at for more information on PIAs, or refer to the following links:

Policy and Instructions


Amplifying Guidance

  • PIA Process Tactics, Techniques and Processes (TTP) (In development)
  • PIA Confidentiality Impact Level Spreadsheet (In development)
  • Role based color coded PIA (In development)
  • PIA Process Swim lanes (In development)

Links to Additional Information

PIA Points of Contact

Army CIO-G6 PIA Inbox

Fiscal Year 2020 Assessments