The University is subject to Freedom of Information and Protection of Privacy Act (FIPPA) requirements, so it is important to responsibly collect, use, store and manage personal information within the University’s infrastructure.

The privacy impact assessment (PIA) service allows users of information technology to assess the impacts and risks related to the use of personal information for staff, faculty and students. PIAs are done as part of vendor and application reviews to identify privacy and compliance risks. However, it is recommended that any changes to data flows to existing processes also undergo PIAs to avoid non-compliance with FIPPA requirements.