Calendar A-Z Index School of Arts and Sciences University of Pennsylvania

Security and Prviacy Impact Assessment (SPIA)

Printer-friendly versionPrinter-friendly versionSend by emailSend by email

SPIA is designed to give every department and center the opportunity for a one-on-one consultation with an expert on information security at least once a year. One of the things we focus on for SPIA is whether your computers or your paper files might contain sensitive data, whether by design or by accident (for example, old grade sheets at one time used Social Security numbers as student identifiers). An experienced LSP can often help you find old stores of data that you didn't even realize still existed.

If you are concerned that you might have PII on your computer or in your paper files, and you don't want to wait until you hear about SPIA, you don't have to! You can contact your LSP anytime to talk about infomation security concerns that you may have.

If you have already done SPIA, that's great! That means you have already taken an important step toward protecting your data. You can expect that you will hear from your LSP about once a year to do a SPIA review. We are required to do it every year, and with good reason: the University's information landscape is constantly changing. New innovations and new services often mean that our uses of information need to be reexamined. Even retiring an old service or process could prompt changes in the way data is handled or stored.