AFI 33-332 para 5.1.1. The E-Government Act of 2002 establishes business processes to “provide enhanced access to Government information and services in a manner consistent with laws regarding protection of personal privacy, national security, records retention, and access for persons with disabilities, and other relevant laws.” The Act inserted the Privacy Impact Assessment (PIA) into the government IT lifecycle. PIAs are required for all IT systems that collect, maintain, or disseminate information in identifiable form or that make substantial changes to existing information technology that manages information in identifiable form. PIA implementation for DoD IT investments is defined in DoDI 5400.16.
Click
Here to access current Air Force Pia list