Privacy Impact Assessments (PIA)

Privacy Impact Assessments (PIA) determines if Personally Identifiable Information (PII) is contained within a system, what kind of PII, what is done with that information, and how that information is protected. Systems with PII are subject to an extensive list of requirements based on privacy laws, regulations, and guidance. The HHS Privacy Act Officer, SAMHSA Senior Official for Privacy and SAMHSA Information Security Officer can all be used as a resource for questions related to the technicalities of privacy law and the required privacy controls for information systems.

PIA Summary

Privacy Impact Assessments (PIA) determines if Personally Identifiable Information (PII) is contained within a system, what kind of PII, what is done with that information, and how that information is protected. Systems with PII are subject to an extensive list of requirements based on privacy laws, regulations, and guidance. The HHS Privacy Act Officer, SAMHSA Senior Official for Privacy and SAMHSA Information Security Officer can all be used as a resource for questions related to the technicalities of privacy law and the required privacy controls for information systems. In accordance to the Office of Management and Budget (OMB) Memorandum (M) 03-22 please find SAMHSA PIA's:

  • Drug and Alcohol Information Services (DASIS) now Behavioral Health Services Information System (BHSIS)
  • National Registry of Evidence-based Programs and Practices (NREPP)
  • National Survey on Drug Use and Health (NSDUH)
  • Physical Access Control System (PACS)
  • Prevention Management Reporting and Training System (PMRTS)
  • Public Engagement Platform (PEP) formerly SHIN
  • SAMHSA Website
  • Services Accountability Improvement System (SAIS)
  • Web-Block Grant Application System (WebBGAS)

To receive a copy of these PIAs, please contact info.privacy@samhsa.hhs.gov.

Last Updated: 06/18/2014