To comply with British Columbia’s Freedom of Information and Protection of Privacy Act (FIPPA) and UBC Information Security Standards, merchants may be requested to complete Privacy Information Assessment (PIA) review.
The UBC PCI policy requires new merchants to undergo PIA to ensure that potential privacy and security issues are identified, corrected or mitigated hence, all new merchants are asked to undergo PIA first before requesting a merchant account.
Existing merchants may also need to undergo PIA depending their request/changes to their current accounts/system.
Merchants will confirm to have a plan in place, to address the security and privacy risks identified by the PIA assessment (if any), before a merchant account can be created.
For more information, please refer to: https://universitycounsel.ubc.ca/access-and-privacy/pia/