Administrative measures are also necessary to support enforcement. For example, administrative actions are needed to promulgate codes of behavior and procedures that govern access to stored personal information. Penalties for violating such codes or procedures are also needed, as technological enforcement measures sometimes fail or do not cover certain eventualities.
Recommendation 3. Organizations should routinely test whether their stated privacy policies are being fully implemented.
Recommendation 4. Organizations should produce privacy impact assessments when they are appropriate.
Information practices adopted entirely for reasons unrelated to privacy often have unforeseen or surprising impacts on privacy that were never considered when those practices were adopted. Such inadvertent effects could be reduced if privacy were systematically considered before a new information practice is adopted or an existing one is changed. Privacy impact assessments, analogous to environmental impact assessments, can be established as a regular part of project planning for electronic information systems. Explicit attention to privacy issues is valuable even if these assessments remain internal to the organization. Public review, however, can bring in other perspectives and reduce the unintended consequences that would otherwise generate additional rounds of feedback, costly retrofitting, and/or unnecessary erosion of privacy.
Federal agencies are already required to produce privacy impact assessments (PIAs) under the E-Government Act of 2002. Illustrative PIAs