Annual Report to Parliament on the Administration of the Privacy Act 2019-2020
Annual report to Parliament on the Administration of the Privacy Act 2019-2020
(PDF - 1.31 MB)
Table of Contents
- Introduction
- Organizational Structure
- Delegation Order
- Highlights of the Statistical Report, 2019-20
- Training and Awareness
- Policies, Guidelines, Procedures and Initiatives
- Summary of Key Issues and Actions Taken on Complaints or Audits
- Monitoring Compliance
- Material Privacy Breaches
- Privacy Impact Assessments
- Public Interest Disclosures
- APPENDIX A: Delegation Order
- APPENDIX B: 2019-20 Statistical Report on the Privacy Act
Introduction
Purpose of the Privacy Act
The Privacy Act came into effect on July 1, 1983. The Act protects individuals’ personal information that is held by government institutions, and provides these individuals with a right of access to this information. In addition, the Privacy Act gives individuals rights over the collection, use and disclosure of their personal information.
Section 72 of the Privacy Act requires that the head of every government institution prepare and submit an annual report to Parliament, detailing the administration of the Act within the institution for each fiscal year.
This annual report describes how Fisheries and Oceans Canada (DFO) administered the Privacy Act from April 1, 2019 to March 31, 2020.
Mandate of Fisheries and Oceans Canada
The Department of Fisheries and Oceans Canada (DFO) supports strong and sustainable economic growth in our marine and fisheries sectors and contributes to a prosperous economy through global commerce by supporting exports and advancing safe maritime trade. The Department supports the innovation needed for a knowledge-based economy through research in expanding sectors such as aquaculture and biotechnology. The Department contributes to a clean and healthy environment and sustainable aquatic ecosystems for Canadians through habitat protection, oceans management and ecosystems research.
The Canadian Coast Guard (CCG), as a Special Operating Agency within DFO, is responsible for services and programs that contribute to all of the Department's core responsibilities while also contributing significantly to the safety, security, and accessibility of Canada's waterways. The CCG also supports other government organizations by providing a civilian fleet and a broadly distributed shore-based infrastructure.Organizational Structure
Departmental Organization
The department has a presence across Canada with the majority of employees working outside the national headquarters in one of the Department's seven DFO regions or four CCG operational regions. National objectives, policies, procedures, and standards for the Department and the Canadian Coast Guard are established at national headquarters, in Ottawa. Regions are responsible for delivering programs and activities in accordance with national and regional priorities and within national performance parameters.
Access to Information and Privacy Secretariat Organization
The Access to Information and Privacy (ATIP) Director reports to the Assistant Deputy Minister, Human Resources and Corporate Services. The ATIP Director is accountable for the development, coordination and implementation of effective ATIP-related policies, guidelines, systems and procedures. This accountability ensures that the Department’s responsibilities under the Privacy Act are met, and enables appropriate processing and proper disclosure of information.
The Assistant Deputy Minister, Human Resources and Corporate Services serves as the Chief Privacy Officer (CPO) responsible for ensuring that privacy issues are afforded visibility and considered a priority at DFO, as well as for working with senior management on strategic privacy matters. The CPO keeps abreast of legislative and policy changes to the existing federal privacy regime and ensures that the Department’s practices are in line with all legal and policy requirements.
The ATIP Secretariat is divided along two business lines; one processes requests under the Act and the other is responsible for all other activities related to the administration of the Act at DFO. The business lines are managed by Deputy Directors.
The business line responsible for processing requests and providing issues management is the Operations Division, and is supported by:
- an Intake Unit, which oversees all incoming requests and liaises with requesters, programs and regions;
- An Administrative Support Group, which handles scanning, file management and quality control; and
- a team of analysts and consultants responsible for the overall processing of requests.
The business line responsible for many of the remaining responsibilities related to the administration of the Act is the Policy and Privacy Division (PPD). PPD acts as the Department’s centre of expertise for matters concerning personal information and privacy protection. The division provides strategic issues management, develops, implements and maintains the Department’s privacy policy suite, oversees the Department’s disclosures under subsection 8(2) of the Privacy Act, investigates and responds to suspected privacy breach incidents, provides guidance to and assists program areas in conducting privacy impact assessments, maintains and updates the Department’s personal information banks, leads the privacy training program, liaises with the wider ATIP community, and monitors reviews and changes in the Privacy Act and related Regulations and policies. Other important work completed by PPD includes the provision of advice to program areas on complex privacy matters, liaising with the Office of the Privacy Commissioner, and providing disclosure recommendations related to investigations at DFO.
PPD is also responsible for tracking departmental performance, supporting the Operations Division with staffing processes, hiring contracted resources, maintaining case management technology, leading strategic projects to improve the overall delivery of the ATIP program, and coordinating the privacy awareness training program to ensure the ongoing sound application of the Act.
The ATIP Secretariat collaborates with a network of ATIP Contacts located in each region and sector who act as liaisons for their respective programs within the Department.
In total, throughout the course of this reporting period, the ATIP Secretariat employed approximately 10.63 full-time employees (FTEs) devoted to Privacy Act activities; this includes full-time employees, consultants, agency personnel and casual employees.
Delegation Order
Responsibility for the administration of the Privacy Act at DFO is delegated from the Minister to the Director and Deputy Directors of the ATIP Secretariat. A copy of the Delegation Order is found at Appendix A.
Highlights of the Statistical Report, 2019-20
The Statistical Report on the Privacy Act is prepared by government institutions to assist the Treasury Board of Canada Secretariat (TBS) to analyze trends and exercise oversight.
DFO’s complete 2019-20 Statistical Report on the Privacy Act is found at Appendix B. Previous years’ statistical reports can be obtained from the ATIP Secretariat upon request.Overview of 2019-20 Requests under the Privacy Act
The analysis in this section compares data found in DFO’s 2019-20 Statistical Report on the Privacy Act with data from 2017-18, to produce a three-year trend analysis.
In 2019-20, DFO received 57 requests under the Privacy Act and had 12 requests outstanding from the previous reporting period. Of these 69 requests, DFO completed 64 and carried forward five into the next reporting period. As shown in Table 1 below, DFO completed 5% more requests under the Privacy Act compared to the previous reporting period.
Compliance for 2019-20 remains positive; 2019-20 figures show that 96.9% of privacy files were closed on or before their statutory or extended deadline.| Number of Requests | 2017-18 | 2018-19 | 2019-20 |
|---|---|---|---|
| Received during reporting period | 55 | 70 | 57 |
| Outstanding from previous reporting period | 5 | 3 | 12 |
| Total requests to process during reporting period | 60 | 73 | 69 |
| Completed during reporting period | 57 | 61 | 64 |
| Carried over to next reporting period | 3 | 12 | 5 |
| On-time compliance rate | 98% | 95% | 96.9% |
Requests Closed During the Reporting Period
Disposition and Completion Time
Section 14 of the Act requires institutions to provide a response to the requester within 30 days of receipt of the request, or to notify the requester that an extension is required. Of the 64 requests completed during the reporting period, 42 requests (66%) were completed within 30 days and an additional 18 requests (28%) were completed within 60 days.
The 64 requests completed by the Department in 2019-20 were finalized in the following manner:
- all disclosed – for eight requests (12%), all relevant information was released in full to the requester;
- disclosed in part – for 37 requests (58%), requesters were granted partial access to information;
- all exempted – for one request (less than 2%), all relevant information was withheld from disclosure to the requester;
- no records exist – for 14 requests (22%), no relevant records existed under the control of the Department; and
- request abandoned – for four requests (6%), the requester abandoned their request.
Exemptions and Exclusions
Exemptions are provisions of the Act that allow or require the heads of federal government institutions to withhold information requested under the legislation. For requests completed during the reporting period, the Department invoked exemptions pursuant to paragraphs 19(1)(c), 22(1)(b), and sections 26 and 27 of the Privacy Act. As was the case in 2018-19, section 26 was the most frequently invoked provision. It was cited in 37 requests, and was used to protect personal information about individuals other than the requester. The second most cited exemption, invoked 17 times, was paragraph 22(1)(b), which was used to protect information which could be injurious to law enforcement and investigations.
| Section of the Privacy Act | Description | Number of requests |
|---|---|---|
| 26 | Information about another individual | 37 |
| 22(1)(b) | Law enforcement and investigation | 17 |
Exclusions are provisions of the Act that remove certain records from the application of the legislation. Records excluded from the requirements of the Privacy Act include publicly available information and confidences of the Queen’s Privy Council (Cabinet Confidences) pursuant to sections 69 and 70, respectively. In 2019-2020 there were no requests for which records were excluded from the application of the Act.
Format of Information Released
When requests are complete, requesters may receive the information in paper or electronic formats, or they may view the records at any DFO office. During the reporting period, access to relevant documents was given, in whole or in part, for 45 requests. In 35 (78%) of these requests, information was released in an electronic format, and in 10 (22%) requests, information was released in paper format.
Complexity
During the reporting period, the ATIP Secretariat processed a total of 19, 874 relevant pages. Of the 19,874 pages processed, 6,624 pages (33%) were disclosed in whole or in part.
Of the requests completed, 26 requests required the processing of fewer than 100 relevant pages, 12 requests had 101-500 pages, seven requests had 501-1,000 pages, four requests had 1,001-5,000 pages, and one request had more than 5,000 pages.
The Department completed a number of requests involving other factors that increased their complexity, including:
- the review of records containing personal information about another individual that is interwoven with the personal information of the requester (50 requests);
- records located in a an office outside of national headquarters and/or audio recording containing personal information (four requests); and
- the requirement to consult with other institutions or organizations (eight requests).
Deemed Refusals
Of the 64 requests that were closed during the reporting period, the ATIP Secretariat closed only two requests past the statutory deadline. This represents a 96.9% rate of compliance which adds to the Department’s continuously high rate of compliance.
Note that the principal reason for the delay in the two requests related to workload.Extensions
Section 15 of the Act provides for the extension of statutory time limits if processing a request within the original time limit would unreasonably interfere with the operations of the Department, if consultations are necessary, if additional time is necessary for translation purposes, or for converting the personal information into an alternative format.
During the reporting period, 21 extensions were taken; extensions under subparagraph 15(a)(i) were taken 15 times because processing the request within the original time limit would unreasonably interfere with the operations of the Department, and six extensions were taken under subparagraph 15(a)(ii) for consultations. All extensions taken were for a period of 16 to 30 days beyond the initial 30 days statutory deadline.
Consultations Received From Other Institutions and Organizations
When other institutions and organizations retrieve information that concerns or originates from DFO in response to Privacy Act requests, they may consult the DFO ATIP Secretariat for recommendations on disclosure. Other government institutions are defined as federal institutions subject to the Privacy Act. Other organizations include the governments of the provinces, territories and municipalities, and of other countries.
In 2019-20, DFO received one consultation request consisting of 14 pages from a Government of Canada institution. The consultation request was completed within 30 days and DFO recommended a partial disclosure of the records.
No requests from other organizations were received during the reporting period.
Disclosures to Federal Investigative Bodies
Subsection 8(2) of the Privacy Act describes certain instances in which personal information under the control of a federal government institution may be disclosed without the consent of the individual to whom the information relates. Paragraph 8(2)(e) allows institutions to disclose personal information to a federal investigative body specified in Schedule II of the Privacy Regulations on the written request of the body for the purpose of enforcing any law of Canada or any province or carrying out a lawful investigation.
In 2019-20, DFO made no disclosures pursuant to paragraph 8(2)(e).
Other Requests
The ATIP Secretariat conducts a significant amount of informal privacy-related activities in addition to processing privacy requests, developing policy tools, and developing and conducting training sessions. These activities include:
- working with Departmental programs to mitigate privacy risks;
- managing and investigating potential privacy breaches;
- disclosing information pursuant to subsection 8(2) of the Privacy Act;
- reviewing and preparing advice on investigation reports;
- responding to requests for guidance from within the Department on privacy impact assessments, privacy notice statements, information sharing agreements and contracts that include the sharing of personal information; and
- releasing information outside of the prescribed formal process under the Act, where appropriate.
Table 3 below illustrates the workload associated with administering the Privacy Act apart from formal privacy requests.
Investigations completed for potential privacy breaches increased from the previous reporting period. A possible reason for the increased privacy breach investigation activity is that DFO’s proactive training efforts have increased Departmental awareness of its personal information protection responsibilities, including reporting suspected breaches. The DFO Standard on Privacy Breaches requires all suspected privacy breaches to be reported to ATIP within 24 hours. This message is reinforced in privacy training and awareness sessions.
During this reporting period, the ATIP Secretariat saw a 44% increase in the number of investigation reports reviewed before making a disclosure to the involved parties.
| Other Privacy Act Related requests | 2017-18 | 2018-19 | 2019-20 |
|---|---|---|---|
| Requests for advice | 145 | 170 | 148 |
| Investigations completed for potential privacy breaches | 26 | 18 | 26 |
| Investigation reports reviewed | 26 | 47 | 53 |
| Other | 3 | 40 | 5 |
| Total | 200 | 275 | 232 |
Training and Awareness
DFO makes significant efforts to promote awareness of federal access and privacy legislation and the corresponding responsibilities of DFO employees, providing ongoing individual and group training sessions. ATIP training is mandatory for all DFO executives and individuals acting in an executive position for more than four months. While regions, sectors and divisions are encouraged to request training as the need arises, the ATIP Secretariat also offered semi-annual awareness sessions to all employees of the Department.
The ATIP Secretariat also delivered training sessions to many sectors of the Department on the paper reduction initiative, to bring awareness to the implementation and onboarding of the new electronic transmittal process.
During the 2019-20 reporting period, the Department provided ATIP training to 805 participants. While some of the sessions were focused exclusively on access to information or privacy protection, others included elements of both access to information and privacy.
In addition to training offered by DFO, the Department encourages employees to take ATIP training offered by the Canada School of Public Service (CSPS). The ATIP Secretariat continued its efforts to promote the CSPS training in 2019-20. During this reporting period, 463 DFO and CCG participants completed CSPS ATIP-related training courses. The following table highlights all ATIP-related training activities undertaken during the reporting period.
| Type of training | Number of learners |
|---|---|
| DFO training | 805 |
| CSPS Training – Access to Information and Privacy Fundamentals (I015), Access to Information in the Government of Canada (I701) and Privacy in the Government of Canada (I702) | 463 |
| Total | 1268 |
Policies, Guidelines, Procedures and Initiatives
The Policy & Privacy Directorate of ATIP (PPD) continues to revise DFO’s ATIP policy suite where appropriate. The suite of policy tools was developed by the ATIP Secretariat to help DFO employees understand their responsibilities with regards to the protection of personal information. Included in the policy suite are the DFO Privacy Policy, Directive on Privacy Practices, the Standard on Privacy Breaches, the Standard on Permissible Disclosures of Personal Information and related tools such as Guidelines for the Informal Release of Information, the Privacy Impact Assessment: Needs Analysis, the Privacy Notice Template and privacy breach reporting forms.
PPD continued to review forms used by Internal Services within DFO and where necessary, developed privacy notice statements that meet all legislative and policy requirements. PPD also actively monitors Parliamentary questions in order to support timely and effective responses and to proactively identify potential files requiring ATIP’s review.
During the reporting period, the ATIP Secretariat also implemented a digital strategy that includes a paper reduction initiative, in order to modernize how requests under the Access to Information Act and the Privacy Act (collectively referred to as ATIP) are processed within the Department. The initiative is envisioned to increase productivity and improve the overall process for treating ATIP requests across the Department including: increased efficiency when retrieving and transmitting records relating to ATIP requests, faster response times, and significant cost savings in both human resources and material costs. The expected outcome of this initiative also includes a significant reduction in the Department’s overall paper consumption, as well as key expenses incurred when processing ATIP requests.
Strategic Collaboration
The ATIP Secretariat continues to be an active participant in the development and renewal of Departmental policy and guidance documents within DFO. Through ATIP’s participation in these processes, personal information protection principles are embedded in Departmental policy documents to ensure compliance with the Privacy Act.
Impact of COVID-19 on the administration of the Privacy Act
Late in the reporting period when met with the challenge of the COVID-19 global pandemic, ATIP found innovative approaches to move forward on requests and policy work. The paper reduction initiative described above was launched before the pandemic and proved to be a key digital business process in the remote work environment. Another approach involves using a digital delivery platform, instead of mail, to transmit records to requesters, and ATIP has been taking steps toward implementation. The digital delivery platform will not only facilitate the electronic delivery of responsive records to requesters, it will also allow for consultation packages to be sent to other government institutions and third parties. The digital platform is expected to be fully implemented during the next reporting period, advancing ATIP farther towards a completely paperless environment.
Although privacy and access to information are quasi-constitutional rights, ATIP is not considered a critical service and function within the organization. Nevertheless, the ATIP Secretariat remains committed to continuing to provide services to Canadians during the pandemic. As the pandemic continues, ATIP is providing privacy advice on an ongoing basis to inform program initiatives and decisions.
Despite the challenges, ATIP is continuing to find ways to support access to information and privacy to serve Canadians.
Summary of Key Issues and Actions Taken on Complaints or Audits
The Department reviews the outcomes of each Privacy Commissioner investigation and audit. Where appropriate, DFO incorporates lessons learned into business processes.
In 2019-20 DFO did not receive any privacy complaints from the Office of the Privacy Commissioner.Monitoring Compliance
DFO makes every effort to meet statutory deadlines and actively monitors the time taken to process privacy requests and requests for the correction of personal information. Monitoring begins as soon as a request is received by the ATIP Secretariat, entered into the case management system and assigned to an analyst. All requests, including requests for consultations, and requests for informal advice or review of records, are entered into the case management system for tracking. This electronic tracking of deadlines is essential as analysts work on numerous requests, each with multiple actions coming due, at any given time. Analysts meet with their team leaders on a weekly basis to identify issues with requests that might result in delays. Issues are raised with the ATIP management team, if necessary. The Director and Deputy Directors of the ATIP Secretariat get involved in files where they can use their authority as the Minister’s delegates under the Privacy Act to promote compliance with deadlines and deliverables.
Material Privacy Breaches
A privacy breach is defined by the Office of the Privacy Commissioner as the loss of, unauthorized access to, or disclosure of, personal information. A material privacy breach is defined by the Treasury Board Secretariat (TBS) as involving sensitive information that could reasonably be expected to cause serious injury or harm to the individual and/or involves a large number of affected individuals.
During the reporting period, one privacy breach reported to the DFO ATIP Secretariat was deemed to be material.
Although there was a large number of affected individuals (employees), the investigation of the incident revealed that the probability of impact to the individuals was low, given the type of personal information involved and the mitigations applied. DFO reported this breach to the OPC and TBS and measures were taken to avoid a recurrence.
Privacy Impact Assessments
To fulfill its mandate, many of DFO’s activities require the collection, use and disclosure of personal information. In accordance with Treasury Board Secretariat policies and directives, the Department uses Privacy Impact Assessments (PIAs) as a risk management tool to determine whether privacy risks are present in new or substantially modified Departmental programs, initiatives or projects that collect, use and retain personal information.
During the reporting period, no PIAs were completed by the ATIP Secretariat. Although no PIA was completed during the reporting period, new initiatives were assessed to evaluate whether a PIA was required in accordance with Government of Canada policy.Public Interest Disclosures
Subsection 8(2) of the Privacy Act describes certain instances in which personal information under the control of a federal government institution may be disclosed without the consent of the individual to whom the information relates.
Paragraph 8(2)(m) allows institutions to disclose personal information in circumstances where the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure, or where disclosure would clearly benefit the individual to whom the information relates.
In 2019-20, DFO made no disclosures under paragraph 8(2)(m) .
APPENDIX A: Delegation Order
Description
Copy of the delegation order designating the director and deputy directors of the ATIP Secretariat to exercise the powers, duties and functions of the Minister as the head of Fisheries and Oceans Canada, under the provisions of the Privacy Act and related Regulations.
APPENDIX B: 2019-20 Statistical Report on the Privacy Act
Statistical Report on the Privacy Act
Name of institution: Fisheries and Oceans Canada
Reporting period: 2019-04-01 to 2020-03-31
Section 1: Requests Under the Privacy Act
| Number of Requests | |
|---|---|
| Received during reporting period | 57 |
| Outstanding from previous reporting period | 12 |
| Total | 69 |
| Closed during reporting period | 64 |
| Carried over to next reporting period | 5 |
Section 2: Requests Closed During the Reporting Period
| Disposition of Requests | Completion Time | |||||||
|---|---|---|---|---|---|---|---|---|
| 1 to 15 Days | 16 to 30 Days | 31 to 60 Days | 61 to 120 Days | 121 to 180 Days | 181 to 365 Days | More than 365 Days | Total | |
| All disclosed | 3 | 5 | 0 | 0 | 0 | 0 | 0 | 8 |
| Disclosed in part | 0 | 17 | 16 | 2 | 2 | 0 | 0 | 37 |
| All exempted | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 1 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| No records exist | 4 | 10 | 0 | 0 | 0 | 0 | 0 | 14 |
| Request abandoned | 2 | 1 | 1 | 0 | 0 | 0 | 0 | 4 |
| Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 9 | 33 | 18 | 2 | 2 | 0 | 0 | 64 |
| Section | Number of Requests | Section | Number of Requests | Section | Number of Requests |
|---|---|---|---|---|---|
| 18(2) | 0 | 22(1)(a)(i) | 0 | 23(a) | 0 |
| 19(1)(a) | 0 | 22(1)(a)(ii) | 0 | 23(b) | 0 |
| 19(1)(b) | 0 | 22(1)(a)(iii) | 0 | 24(a) | 0 |
| 19(1)(c) | 1 | 22(1)(b) | 17 | 24(b) | 0 |
| 19(1)(d) | 0 | 22(1)(c) | 0 | 25 | 0 |
| 19(1)(e) | 0 | 22(2) | 0 | 26 | 37 |
| 19(1)(f) | 0 | 22.1 | 0 | 27 | 4 |
| 20 | 0 | 22.2 | 0 | 27.1 | 0 |
| 21 | 0 | 22.3 | 0 | 28 | 0 |
| 22.4 | 0 |
| Section | Number of Requests | Section | Number of Requests | Section | Number of Requests |
|---|---|---|---|---|---|
| 69(1)(a) | 0 | 70(1) | 0 | 70(1)(d) | 0 |
| 69(1)(b) | 0 | 70(1)(a) | 0 | 70(1)(e) | 0 |
| 69.1 | 0 | 70(1)(b) | 0 | 70(1)(f) | 0 |
| 70(1)(c) | 0 | 70.1 | 0 |
| Paper | Electronic | Other |
|---|---|---|
| 10 | 35 | 0 |
2.5 Complexity
| Number of Pages Processed | Number of Pages Disclosed | Number of Requests |
|---|---|---|
| 19874 | 6624 | 50 |
| Disposition | Less Than 100 Pages Processed | 101-500 Pages Processed | 501-1000 Pages Processed | 1001-5000 Pages Processed | More than 5000 Pages Processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | |
| All disclosed | 7 | 181 | 0 | 0 | 1 | 791 | 0 | 0 | 0 | 0 |
| Disclosed in part | 16 | 478 | 11 | 1668 | 5 | 1285 | 4 | 1589 | 1 | 267 |
| All exempted | 0 | 0 | 0 | 0 | 1 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Request abandoned | 3 | 87 | 1 | 278 | 0 | 0 | 0 | 0 | 0 | 0 |
| Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 26 | 746 | 12 | 1946 | 7 | 2076 | 4 | 1589 | 1 | 267 |
| Disposition | Consultation Required | Legal Advice Sought | Interwoven Information | Other | Total |
|---|---|---|---|---|---|
| All disclosed | 0 | 0 | 8 | 0 | 8 |
| Disclosed in part | 8 | 0 | 37 | 4 | 49 |
| All exempted | 0 | 0 | 1 | 0 | 1 |
| All excluded | 0 | 0 | 0 | 0 | 0 |
| Request abandoned | 0 | 0 | 4 | 0 | 4 |
| Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 |
| Total | 8 | 0 | 50 | 4 | 62 |
2.6 Closed requests
| Requests closed within legislated timelines | |
|---|---|
| Number of requests closed within legislated timelines | 62 |
| Percentage of requests closed within legislated timelines (%) | 96.9 |
2.7 Deemed refusals
| Number of Requests Closed Past the Legislated Timelines | Principal Reason | |||
|---|---|---|---|---|
| Interference with Operations / Workload | External Consultation | Internal Consultation | Other | |
| 2 | 2 | 0 | 0 | 0 |
| Number of Days Past Legislated Timelines | Number of Requests Past Legislated Timeline Where No Extension Was Taken | Number of Requests Past Legislated Timelines Where an Extension Was Taken | Total |
|---|---|---|---|
| 1 to 15 days | 0 | 0 | 0 |
| 16 to 30 days | 0 | 0 | 0 |
| 31 to 60 days | 0 | 0 | 0 |
| 61 to 120 days | 0 | 0 | 0 |
| 121 to 180 days | 0 | 2 | 2 |
| 181 to 365 days | 0 | 0 | 0 |
| More than 365 days | 0 | 0 | 0 |
| Total | 0 | 2 | 2 |
| Translation Requests | Accepted | Refused | Total |
|---|---|---|---|
| English to French | 0 | 0 | 0 |
| French to English | 0 | 0 | 0 |
| Total | 0 | 0 | 0 |
Section 3: Disclosures Under Subsections 8(2) and 8(5)
| Paragraph 8(2)(e) | Paragraph 8(2)(m) | Subsection 8(5) | Total |
|---|---|---|---|
| 0 | 0 | 0 | 0 |
Section 4: Requests for Correction of Personal Information and Notations
| Disposition for Correction Requests Received | Number |
|---|---|
| Notations attached | 0 |
| Requests for correction accepted | 0 |
| Total | 0 |
Section 5: Extensions
| Number of requests where an extension was taken | 15(a)(i) Interference with operations | 15 (a)(ii) Consultation | 15(b) Translation purposes or conversion |
|||||
|---|---|---|---|---|---|---|---|---|
| Further review required to determine exemptions | Large volume of pages | Large volume of requests | Documents are difficult to obtain | Cabinet Confidence Section (Section 70) | External | Internal | ||
| 21 | 0 | 4 | 11 | 0 | 0 | 3 | 3 | 0 |
| Length of Extensions | 15(a)(i) Interference with operations | 15 (a)(ii) Consultation | 15(b) Translation purposes or conversion |
|||||
|---|---|---|---|---|---|---|---|---|
| Further review required to determine exemptions | Large volume of pages | Large volume of requests | Documents are difficult to obtain | Cabinet Confidence Section (Section 70) | External | Internal | ||
| 1 to 15 days | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 16 to 30 days | 0 | 4 | 11 | 0 | 0 | 3 | 3 | 0 |
| 31 days or greater | 0 | |||||||
| Total | 0 | 4 | 11 | 0 | 0 | 3 | 3 | 0 |
Section 6: Consultations Received From Other Institutions and Organizations
| Consultations | Other Government of Canada Institutions | Number of Pages to Review | Other Organizations | Number of Pages to Review |
|---|---|---|---|---|
| Received during the reporting period | 1 | 14 | 0 | 0 |
| Outstanding from the previous reporting period | 0 | 0 | 0 | 0 |
| Total | 1 | 14 | 0 | 0 |
| Closed during the reporting period | 1 | 14 | 0 | 0 |
| Carried over to the next reporting period | 0 | 0 | 0 | 0 |
| Recommendation | Number of Days Required to Complete Consultation Requests | |||||||
|---|---|---|---|---|---|---|---|---|
| 1 to 15 Days | 16 to 30 Days | 31 to 60 Days | 61 to 120 Days | 121 to 180 Days | 181 to 365 Days | More than 365 Days | Total | |
| All disclosed | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Disclosed in part | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |
| All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 |
| Recommendation | Number of days required to complete consultation requests | |||||||
|---|---|---|---|---|---|---|---|---|
| 1 to 15 Days | 16 to 30 Days | 31 to 60 Days | 61 to 120 Days | 121 to 180 Days | 181 to 365 Days | More than 365 Days | Total | |
| All disclosed | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Disclosed in part | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Section 7: Completion Time of Consultations on Cabinet Confidences
| Number of Days | Fewer than 100 Pages Processed | 101-500 Pages Processed | 501-1000 Pages Processed | 1001-5000 Pages Processed | More than 5000 Pages Processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | |
| 1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Number of Days | Fewer than 100 Pages Processed | 101-500 Pages Processed | 501-1000 Pages Processed | 1001-5000 Pages Processed | More than 5000 Pages Processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | |
| 1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Section 8: Complaints and Investigations Notices Received
| Section 31 | Section 33 | Section 35 | Court action | Total |
|---|---|---|---|---|
| 0 | 0 | 0 | 0 | 0 |
Section 9: Privacy Impact Assessments (PIA) and Personal Information Banks (PIB)
| Number of PIA(s) completed | 0 |
|---|
| Active | Created | Terminated | Modified |
|---|---|---|---|
| 0 | 0 | 0 | 0 |
Section 10: Material Privacy Breaches
| Number of material privacy breaches reported to TBS | 1 |
|---|---|
| Number of material privacy breaches reported to OPC | 1 |
Section 11: Resources Related to the Privacy Act
| Expenditures | Amount | |
|---|---|---|
| Salaries | $737,450 | |
| Overtime | $0 | |
| Goods and Services | $95,431 | |
| • Professional services contracts | $59,129 | |
| • Other | $36,302 | |
| Total | $832,881 | |
| Resources | Person Years Dedicated to Privacy Activities |
|---|---|
| Full-time employees | 9.81 |
| Part-time and casual employees | 0.03 |
| Regional staff | 0 |
| Consultants and agency personnel | 0.4 |
| Students | 0.39 |
| Total | 10.63 |
- Date modified: