Has anyone ever completed a Privacy Impact assessment (PIA) on Asana that they may be willing to share?
Some background: A PIA is self assessment tool to assist health information custodians in reviewing the impact that a proposed information system, technology or program may have
on the privacy of an individual’s personal health information under PHIPA (Personal Health
Information Protection Act, 2004 - Ontario government). It is recommended that health information custodians with significant existing information systems, technologies or programs involving personal health information, or adopting new systems, technologies or programs,
strongly consider conducting a PIA to identify and mitigate privacy risks. This is because a PIA is a valuable due diligence exercise, in which a health information custodian identifies and addresses potential privacy risks that may occur in the course of operating a proposed or existing information system, technology or program. In addition, privacy impact assessments have become a standard part of the “best privacy practices” undertaken by many organizations in the
health sector in other jurisdictions, as well as several health information custodians in Ontario.