Access to Information and Privacy (ATIP) online request pilot project
Executive summary
Table of contents
Why the Privacy Impact Assessment was necessary
Privacy Impact Assessment objectives
Privacy Impact Assessment findings and risk summary
Purpose
The Government of Canada is modernizing service to Canadians while increasing its open information environment. To improve service quality and ease of access for citizens, and to reduce processing costs for institutions, the Government of Canada is beginning to transform platforms supporting the administration of Access to Information and Privacy. Canadians are allowed, for the first time, to submit and pay for Access to Information requests online with the goal of having this capability available to all departments as soon as feasible.
Citizenship and Immigration Canada has undertaken this pilot initiative which allows for ATIP requests to be submitted quickly and efficiently by maximizing online technology. In its initial pilot phase, the Access to Information and Privacy Online Request Service allows clients to submit requests and fees online for Citizenship and Immigration Canada and the two other participating departments, Shared Services Canada and the Treasury Board of Canada Secretariat. Upon the successful implementation of this pilot, the service will be expanded to other federal government institutions.
Description
This Privacy Impact Assessment is a tri-institutional initiative for Access to Information and Privacy Online Request Service. This service provides an e-requesting platform which enables this new electronic request process; thereby eliminating the need to send and receive information and fee payments by mail. The scope of this Privacy Impact Assessment encompasses the electronic collection of personal information while re-examining the collection, use, disclosure and retention within the interoperability of this single window e-request service. This Assessment covers the data flow of the information through the system, from the point of collection by Citizenship and Immigration Canada to the point of reception of the information by the appropriate Access to Information and Privacy Division of the three participating institutions.
Why the Privacy Impact Assessment was necessary
In order to ensure compliance with the Privacy Act and associated Treasury Board Secretariat privacy policies, this Privacy Impact Assessment examined privacy risks which may be associated with this online service. Identified privacy risks were mitigated, reduced or eliminated by implementing specific response measures.
Privacy Impact Assessment objectives
To assess, reduce and mitigate potential risks associated with the collection of personal information over the internet and enabling the secure transfer of the personal information to the target institution.
To resolve any privacy issues that may be of potential public concern.
The Access to Information and Privacy Online Request Pilot leverages Citizenship and Immigration Canada's existing ePayment system (via the Receiver General Buy Button) used in a variety of electronic client service applications, along with lessons learned from these initiatives. The pilot also leverages the Secure File Transfer infrastructure managed by Public Works and Government Services Canada to ensure secure transmission of data between Citizenship and Immigration Canada and pilot departments.
Privacy Impact Assessment findings and risk summary
The online request intake process is safeguarded appropriately to ensure the secure transmission of client information up to the Protected B level. Once requests enter the e-service secure transmission to the appropriate receiving institutions is made via the Public Works and Government Services Canada's Secure File Transfer solution at a Protected B level. The transmission contains the request, any attachments that were uploaded, along with a copy of the proof of payment. Successful transmission is confirmed by the receiving department to Citizenship and Immigration Canada via an automated file server confirmation. The file servers at each receiving departments are also configured to send an email notification to their respective generic Access to Information and Privacy mailbox to notify them of the presence of a new request.
Once Citizenship and Immigration Canada receives the automated confirmation from a receiving institution that a request has been transmitted successfully, request-specific information will be purged from Citizenship and Immigration Canada's system. For reporting purposes, only basic transactional logs will be retained by Citizenship and Immigration Canada: logging time of request, type of request and intended department.
Action plan – Risk mitigation
The Government of Canada takes the protection of Canadians' information very seriously. The Privacy Impact Assessment's analysis of the risks was made against the ten universal privacy and fair information practice principles of the Canadian Standards Association Model Code for the Protection of Personal Information. In addition, it includes details on the technology such as the service design, the threat analysis and description of the technical safeguards provided to protect personal information.
The participating departments are ensuring compliance with the Privacy Act and associated Treasury Board Secretariat privacy policies with clear recommendations on how to mitigate any possible risks.
The Threat and Risk Assessment recommendations address ongoing safeguards implemented to protect personal information. In addition, security measures relating to privacy risks of this pilot will be assessed at mid-pilot with an appropriate privacy management plan developed to mitigate the possibility of residual risks.
Once the information is uploaded into the federal institution's Access to Information and Privacy processing system, the standard retention and disposal period will begin. All non-transitory information collected for a request will be retained for two years after the last administrative action within the ATIP tracking tool.
To ensure compliance with the Directive on the Social Insurance Number, individuals are asked not to provide their Social Insurance Number during the online application process, including when attaching documentation to support claims of a right of access under the Access to Information Act and the Privacy Act.
The Privacy Notice Statement is viewed with a prompt of acknowledgement before any information is entered into the online tool. The notice informs the requestor that this information is initially being collected by Citizenship and Immigration Canada but only for transmission to the intended institution.
Security management
A Threat and Risk Assessment on this pilot system was completed during the production implementation. Risks to confidentiality, availability and integrity of information stored and processed by this system were mitigated by implementing safeguards. The Receiver General Buy Button and Secure File Transfer infrastructure are common services that have already been certified and accredited for use by all federal departments and agencies.
The Government of Canada cannot guarantee the security of electronic mail; therefore a caution about sending sensitive personal information via e-mail was placed on the e-request highlighting this risk. The caveat stating that, "If you are concerned about the confidentiality of information, including your personal information, in transit, you should consider sending it directly to a government institution by secure means". If the requestor has concerns, supporting documents should be mailed to the appropriate department.
- Date modified: