FippaFlow

Under BC’s Freedom of Information and Protection of Privacy Act, every public body that starts a new initiative has to complete a Privacy Impact Assessment. The PIA is meant to be a safeguard. In practice, it is the thing that kills good initiatives.

Filling one out is a multi-week dance through Word templates, legal wording, and back-and-forth with privacy officers. Teams give up. Projects either ship without the review, or don’t ship at all. Neither is the outcome the law was written to produce.

What FippaFlow is

A guided questionnaire that turns the interview into a finished PIA. You answer questions about the initiative, the system, and the data. FippaFlow produces a first draft that matches the format privacy officers expect. The team saves weeks. The privacy officer gets a cleaner starting point. The project ships with the review actually done.

Why I’m building it

I worked inside a BC public body and watched good ideas die on the PIA step. Not because the ideas were bad, but because the paperwork was the wall. It takes too much effort and time to complete a PIA, the research, the writing, the back and forth with the privacy officer. Not to mention the broken templates and the email version control. There’s a version of this where the safeguard and the shipping velocity are not in opposition. That’s what I’m testing.

All BC public bodies, and any private organizations that need to partner with one, are required to complete a PIA before starting a new initiative. It’s a huge pain point across multiple ministries and organizations. FippaFlow is meant to take the complexity away and make it easier for teams to complete PIAs.

Where it is

Validation and Development. Talking to privacy officers and project leads across the public sector. Hopeful, unproven, and the thing I am most interested in right now.