Privacy Impact Assessment (PIA)

The Privacy Impact Assessment is a formal and necessary compliance assessment process used to identify and evaluate privacy risks associated with the use of a solution or a service component offered by an identity service or a technology provider, or the development cycle of a project, a program or system (technology or solution).

Regulatory regimes:

  • Canada: The Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Canada: Various Provincial Privacy laws
  • EU: General Data Protection Regulation (GDPR)

Available services

Documentation Review

Pillar: Privacy | Type: Conformity | Level: 1

This option includes the review of software documentation and related company policies, plans and procedures against relevant privacy frameworks. The deliverable will be a detailed report containing insights and recommendations on how to improve the privacy robustness of your solution and of its future development. The report would indicate that IDLab did not perform an arm’s length examination of the software and only relied on documentation.


Technology Review

Pillar: Privacy | Type: Conformity | Level: 2

This option includes an arm’s length review of software policies and business logic, user rights management procedures, coupled with a review of software documentation and related company policies, plans and procedures against relevant privacy frameworks. The deliverable will be a detailed report containing insights and recommendations on how to improve the privacy robustness of your solution and of its future development. The report would indicate that IDLab did perform an arm’s length examination of the software.


That's what they say ;-)

“The Digital Identity Laboratory of Canada continues to advance the country’s digital identity ecosystem through persistent advocacy of compliance and interoperability. This collaboration spurred between the private and public sectors has allowed providers and partners to work together and accelerate the understanding and adoption of digital identity across Canada.

These developments have been crucial with the increase of remote work and the importance of safe online transactions. Canadians need methods to trust online verifications to the same degree as in-person transactions, and the Lab plays a major role in allowing organizations to evaluate and adopt these solutions.

We are proud to be a sponsor of the Lab. Working alongside them to expand Verified.Me’s interoperability with international standards and improve the digital lives of Canadians has been an inspiring experience, and we are excited for what this beneficial partnership will continue to have in store for the future.”

Didier Serra, SecureKey Technologies

Blog

Read the blog