All organizations, in both private and public sectors, collect, use, process and share personal information in some manner, either from their employees, clients or the public. Consequently, all organizations are at risk of a privacy breach. This is especially so if your organization does business across provinces and Canadian borders, as privacy laws differ across the nation as well as globally. As per the Office of the Privacy Commissioner of Canada (OPC), "a privacy breach occurs when there is unauthorized access to or collection, use or disclosure of personal information." A thorough understanding of Canadian private and public sector laws and practices is vital the foundation to avoiding such a breach.

A Privacy Impact Assessment is a method for identifying and assessing an organization's privacy risks to avoid or mitigate risk and identify solutions for managing privacy risk. While the PIA is a significant tool, it is a relatively new tool, to both public and private organizations. For this reason, a PIA can vary considerably in quality and follow-up. Privcurity's bases its design, methodology and approach to a PIA on an organization's industry and appropriate legislation, laws, guidelines and trends surrounding that industry such as the Privacy Act, the Personal Information Electronics Document Act, with provincial differences as well as laws surrounding trans-border data flow in mind.