Security and Privacy Impact Assessment (SPIA)
Why do a Security and Privacy Impact Assessment (SPIA)? Who will it benefit?
The SPIA process is one that supports schools, centers, business units, and
the university as a whole. More importantly the process will help protect our
students, patients, research subjects, and employees by ensuring the information
entrusted to Penn is protected and used only for their intended purposes. Completing
such an analysis is extremely important in today's technologically advanced
world. Users should understand what risks exist in their environment, and how
those risks can be reduced or even eliminated.
Provided at the links below are instructions and guidance for the SPIA Web Application along with a link to the SPIA Web Application itself. In order to access the SPIA Web Application, you will need to be designated as a School/Center Administrator or Inventory Manager by your School/Center's SPIA Coordinator.
Related Links and Resources
Cloud Computing and Other Data Outsourcing [PennKey authentication required]
University Policies for Information Privacy and Security
Privacy and Security Charter
Payment Card Industry Security Standards
HIPAA Privacy and Security Rules
Gramm Leach Bliley Act
Last updated: Tuesday, January 3, 2017