The purpose of this document and process is to serve as an educational resource and best practices guide for all West Virginia Executive Branch Departments to efficiently and properly perform Privacy Impact Assessments (PIA). A PIA is used to assess the privacy impact and risks to PII stored, used and exchanged by information systems. This guide illustrates when to conduct a PIA and the steps needed to support and assist departments in PIA preparation and implementation activities. As such it is a risk tool to provide accountability for privacy program compliance.
West Virginia Executive Branch Privacy policy and procedure is not based on any one federal or state privacy law. This privacy policy/procedure materially addresses the various requirements of the majority of the laws and regulations with which the West Virginia Executive Branch must comply and serves as a foundation or baseline. There are twenty-four related federal laws and twenty-eight state laws that govern various aspects of the West Virginia Executive Branch privacy program.
Summaries of West Virginia’s Privacy Requirements may be found at http://privacy.wv.gov/SiteCollectionDocuments/Legal/2016%20Privacy%20Requirements%20FINAL.pdf
This guidance is not more stringent than similar federal law.