Privacy Impact Assessments and Systems of Records Notices
Privacy Impact Assessments (PIAs)
Privacy Impact Assessments are tools used to identify and mitigate risk for systems that collect Personally Identifiable Information (PII). They identify PII types, and how PII will be collected, shared, used, accessed, safeguard, stored, and corrected.
Systems of Record Notices (SORNs)
SORNs are required by 5 U.S.C. 552a(e)(4); 5 U.S.C. 552a(5); see OMB Circular A-130. SORNs provide the public notice with MCC’s collection of Privacy Act information and are published in the Federal Register. They identify the purpose, use, sharing, and categories of PII collected; and how to communicate with MCC’s Privacy Office.