Annual Report to Parliament on the Administration of the Privacy Act 2020-2021
Table of contents
- Introduction
- Organizational Structure
- Delegation Order
- Highlights of the Statistical Report, 2020-21
- Training and awareness
- Policies, guidelines, procedures and initiatives
- Impact of COVID-19 on the administration of the Privacy Act
- Summary of Key Issues and Actions Taken on Complaints or Audits
- Monitoring compliance
- Material privacy breaches
- Privacy impact assessments
- Appendix A: Delegation Order
- Appendix B: 2020-21 Statistical Report on the Privacy Act
Introduction
Purpose of the Privacy Act
The Privacy Act (Act) came into effect on July 1, 1983. The Act protects individuals' personal information that is held by government institutions, and provides these individuals with a right of access to this information. In addition, the Privacy Act gives individuals rights over the collection, use and disclosure of their personal information.
Section 72 of the Privacy Act requires that the head of every government institution prepare and submit an annual report to Parliament, detailing the administration of the Act within the institution for each fiscal year.
This annual report describes how Fisheries and Oceans Canada (DFO) administered the Privacy Act from April 1, 2020, to March 31, 2021.
Mandate of Fisheries and Oceans Canada
DFO is responsible for safeguarding Canadian waters and managing Canada's fisheries and oceans resources. DFO helps to ensure healthy and sustainable aquatic ecosystems through habitat protection and sound science. DFO support's economic growth in the marine and fisheries sectors, and innovation in areas such as aquaculture and biotechnology. DFO is committed to working with fishers, coastal, and Indigenous communities to enable their continued prosperity from fish and seafood.
The Canadian Coast Guard (CCG), as a Special Operating Agency within DFO, is responsible for services and programs that contribute to all of DFO's core responsibilities while also contributing significantly to the safety, security, and accessibility of Canada's waterways. The CCG also supports other government organizations by providing a civilian fleet and a broadly distributed shore-based infrastructure.
Organizational Structure
Departmental organization
DFO has a presence across Canada with the majority of employees working outside the national headquarters in one of DFO's seven DFO regions or four CCG operational regions. National objectives, policies, procedures, and standards for DFO and the Canadian Coast Guard are established at national headquarters, in Ottawa. Regions are responsible for delivering programs and activities in accordance with national and regional priorities and within national performance parameters.
Access to Information and Privacy Secretariat
The Access to Information and Privacy (ATIP) Director reports to the Assistant Deputy Minister, Human Resources and Corporate Services. The ATIP Director is accountable for the development, coordination and implementation of effective ATIP-related policies, guidelines, systems and procedures. This accountability ensures that DFO's responsibilities under the Privacy Act are met, and enables appropriate processing and proper disclosure of information.
The Assistant Deputy Minister, Human Resources and Corporate Services serves as the Chief Privacy Officer (CPO) responsible for ensuring that privacy issues are afforded visibility and considered a priority at DFO, as well as for working with senior management on strategic privacy matters. The CPO keeps abreast of legislative and policy changes to the existing federal privacy regime and ensures that DFO's practices are in line with all legal and policy requirements.
The ATIP Secretariat is divided along two business lines; one processes requests under the Act and the other is responsible for all other activities related to the administration of the Act at DFO. The business lines are managed by Deputy Directors.
The Operations Division is responsible for processing requests and providing issues management; it is supported by:
- an Intake Unit, which oversees all incoming requests and liaises with requesters, programs and regions
- An Administrative Support Group, which handles scanning, file management and quality control
- a team of analysts and consultants responsible for the overall processing of requests
The Policy and Privacy Division (PPD) is responsible for many of the remaining responsibilities related to the administration of the Act. PPD acts as DFO's centre of expertise for matters concerning personal information and privacy protection. The division provides strategic issues management; develops, implements and maintains DFO's privacy policy suite; oversees DFO's disclosures under subsection 8(2) of the Privacy Act; investigates and responds to suspected privacy breach incidents; provides guidance to and assists program areas in conducting privacy impact assessments; maintains and updates DFO's personal information banks; leads the ATIP training program; liaises with the wider ATIP community; and monitors reviews and changes in the Privacy Act and related regulations and policies. Other important work completed by PPD includes the provision of advice to program areas on complex privacy matters, liaising with the Office of the Privacy Commissioner, and providing disclosure recommendations related to investigations at DFO.
PPD is also responsible for tracking departmental performance, supporting the Operations Division with staffing processes, hiring contracted resources, maintaining case management technology, leading strategic projects to improve the overall delivery of the ATIP program, and coordinating the privacy awareness training program to ensure the ongoing sound application of the Act.
The ATIP Secretariat collaborates with a network of ATIP Contacts located in each region and sector who act as liaisons for their respective programs within DFO.
In total, throughout the course of this reporting period, the ATIP Secretariat employed 12.5 full-time employees (FTEs) devoted to Privacy Act activities; this includes full-time employees, consultants, agency personnel and casual employees.
Delegation Order
Responsibility for the administration of the Privacy Act at DFO is delegated from the Minister to the Director and Deputy Directors of the ATIP Secretariat. A copy of the Delegation Order is found at Appendix A.
Highlights of the Statistical Report, 2020-21
The Statistical Report on the Privacy Act is prepared by government institutions to assist the Treasury Board of Canada Secretariat (TBS) to analyze trends and exercise oversight.
DFO's complete 2020-21 Statistical Report on the Privacy Act is found at Appendix B. Previous years' statistical reports can be obtained from the ATIP Secretariat upon request.
Overview of 2020-21 requests under the Privacy Act
The analysis in this section compares data found in DFO's 2020-21 Statistical Report on the Privacy Act with data from 2018-19 to produce a three-year trend analysis.
In 2020-21, DFO received 80 requests under the Privacy Act and had five requests outstanding from the previous reporting period. Of these 85 requests, DFO completed 62 and carried forward 23 into the next reporting period. As shown in Table 1 below, DFO received 40% more requests under the Privacy Act compared to the previous reporting period.
Compliance for 2020-21 remains positive; 2020-21 figures show that 95.2% of privacy files were closed on or before their statutory or extended deadline.
| Number of Requests | 2018-19 | 2019-20 | 2020-21 |
| Received during reporting period | 70 | 57 | 80 |
| Outstanding from previous reporting period | 3 | 12 | 5 |
| Total requests to process during reporting period | 73 | 69 | 85 |
| Completed during reporting period | 61 | 64 | 62 |
| Carried over to next reporting period | 12 | 5 | 23 |
| On-time compliance rate | 95% | 96.9% | 95.2% |
Requests closed during the reporting period
Disposition and completion time
Section 14 of the Act requires institutions to provide a response to the requester within 30 days of receipt of the request, or to notify the requester that an extension is required. Of the 62 requests completed during the reporting period, 26 requests (42%) were completed within 30 days, and an additional 32 requests (52%) were completed within 60 days.
The 62 requests completed by DFO in 2020-21 were finalized in the following manner:
- all disclosed – for 16 requests (26%), all relevant information was released in full to the requester
- disclosed in part – for 26 requests (42%), requesters were granted partial access to information
- no records exist – for 16 requests (26%), no relevant records existed under the control of DFO
- request abandoned – for four requests (6%), the requester abandoned their request
- no request was processed where all relevant information was exempted, excluded or where DFO could neither confirm nor deny the existence of the requested information
Exemptions and exclusions
Exemptions are provisions of the Act that allow or require the heads of federal government institutions to withhold information requested under the legislation. For requests completed during the reporting period, DFO invoked exemptions pursuant to paragraphs, 22(1)(b), and sections 26 of the Privacy Act. As was the case in 2019-20, section 26 was the most frequently invoked provision. It was cited in 26 requests, and was used to protect personal information about individuals other than the requester. The second most cited exemption, invoked four times, was paragraph 22(1)(b), which was used to protect information which could be injurious to law enforcement and investigations.
| Section of the Privacy Act | Description | Number of requests |
| 26 | Information about another individual | 26 |
| 22(1)(b) | Law enforcement and investigation | 4 |
Exclusions are provisions of the Act that remove certain records from the application of the legislation. Records excluded from the requirements of the Privacy Act include publicly available information and confidences of the Queen's Privy Council (Cabinet Confidences) pursuant to sections 69 and 70, respectively. In 2020-2021 there were no requests for which records were excluded from the application of the Act.
Format of Information Released
When requests are complete, requesters may receive the information in paper or electronic formats, or they may view the records at any DFO office. During the reporting period, access to relevant documents was given, in whole or in part, for 40 requests. In 33 (82.5%) of these requests, information was released in an electronic format, and in seven (17.5%) requests, information was released in paper format.
Complexity
During the reporting period, the ATIP Secretariat processed a total of 13,877 relevant pages. Of the 13,877 pages processed, 7,330 pages (53%) were disclosed in whole or in part.
Of the requests completed, 25 requests required the processing of fewer than 100 relevant pages, 10 requests had 101-500 pages, seven requests had 501-1,000 pages, four requests had 1,001-5,000 pages, and there were no requests that had more than 5,000 pages.
DFO completed a number of requests involving other factors that increased their complexity, including:
- the review of records containing personal information about another individual that is interwoven with the personal information of the requester (46 requests)
- the requirement to consult with other institutions or organizations (two requests)
- records located in an office outside of national headquarters and/or audio recording containing personal information (one request)
Deemed refusals
Of the 62 requests that were closed during the reporting period, the ATIP Secretariat closed only three requests past the statutory deadline. This represents a 95.2% rate of compliance which adds to DFO's continuously high rate of compliance.
Note that the principal reason for the delay in the three requests related to workload.
Extensions
Section 15 of the Act provides for the extension of statutory time limits if processing a request within the original time limit would unreasonably interfere with the operations of DFO, if consultations are necessary, if additional time is necessary for translation purposes, or for converting the personal information into an alternative format.
During the reporting period, 36 extensions were taken; extensions under subparagraph 15(a)(i) were taken 35 times because processing the request within the original time limit would unreasonably interfere with the operations of DFO, and one extension was taken under subparagraph 15(a)(ii) for consultations. All extensions taken were for a period of 16 to 30 days beyond the initial 30 days statutory deadline.
Consultations Received From Other Institutions and Organizations
When other institutions and organizations retrieve information that concerns or originates from DFO in response to Privacy Act requests, they may consult the DFO ATIP Secretariat for recommendations on disclosure. Other institutions are defined as federal institutions subject to the Privacy Act. Organizations include the governments of the provinces, territories and municipalities, and of other countries.
In 2020-21, DFO did not receive any consultation requests from other Government of Canada institutions nor from other organizations.
Disclosures to Federal Investigative Bodies
Subsection 8(2) of the Privacy Act describes certain instances in which personal information under the control of a federal government institution may be disclosed without the consent of the individual to whom the information relates. Paragraph 8(2)(e) allows institutions to disclose personal information to a federal investigative body specified in Schedule II of the Privacy Regulations on the written request of the body for the purpose of enforcing any law of Canada or any province or carrying out a lawful investigation.
In 2020-21, DFO made two disclosures pursuant to paragraph 8(2)(e).
Public Interest Disclosures
Subsection 8(2) of the Privacy Act describes certain instances in which personal information under the control of a federal government institution may be disclosed without the consent of the individual to whom the information relates.
Paragraph 8(2)(m) allows institutions to disclose personal information in circumstances where the public interest in disclosure clearly outweighs any invasion of privacy that could result from the disclosure, or where disclosure would clearly benefit the individual to whom the information relates.
In 2020-21, DFO made no disclosures under paragraph 8(2)(m).
Other Requests
The ATIP Secretariat conducts a significant amount of informal privacy-related activities in addition to processing privacy requests, developing policy tools, and developing and conducting training sessions. These activities include:
- working with Departmental programs to mitigate privacy risks;
- managing and investigating potential privacy breaches;
- disclosing information pursuant to subsection 8(2) of the Privacy Act;
- reviewing and preparing advice on investigation reports;
- responding to requests for guidance from within DFO on privacy impact assessments, privacy notice statements, information sharing agreements and contracts that include the sharing of personal information; and
- releasing information outside of the prescribed formal process under the Act, where appropriate.
Table 3 below illustrates the workload associated with administering the Privacy Act apart from formal privacy requests.
During this reporting period, the ATIP Secretariat saw a 20% increase in the number of requests for advice on various issues relating to access to information and privacy protection. Investigations completed for potential privacy breaches increased from the previous reporting period.
A possible reason for the increase in requests for advice and privacy breach investigation activity is that DFO's proactive training efforts have increased departmental awareness of its personal information protection responsibilities, including reporting suspected breaches. The DFO Standard on Privacy Breaches also requires all suspected privacy breaches to be reported to ATIP within 24 hours. This message is reinforced in privacy training and awareness sessions.
| Other Privacy Act Related requests | 2018-19 | 2019-20 | 2020-2021 |
| Requests for advice | 170 | 148 | 178 |
| Investigations completed for potential privacy breaches | 18 | 26 | 37 |
| Investigation reports reviewed | 47 | 53 | 51 |
| Other | 40 | 5 | 3 |
| Total | 275 | 232 | 269 |
Training and awareness
ATIP training is mandatory for all DFO executives and individuals acting in an executive position for more than four months. DFO makes significant efforts to promote awareness of federal access and privacy legislation and the corresponding responsibilities of DFO employees, providing ongoing individual and group training sessions.
The ATIP Secretariat increased the frequency of training sessions offered from semi-annually to monthly as well as ad-hoc training sessions that are tailored to program's needs that continue to be offered to participants. Accessing available ATIP training options have been streamlined and participants can now sign up for training sessions on the ATIP Secretariat's intranet page.
The ATIP Secretariat also launched a targeted training approach to train all sectors and regions within a 12 month cycle. The ATIP program began providing these targeted training sessions to programs across DFO and CCG at the end of the third quarter of this reporting period.
During the 2020-21 reporting period, DFO provided ATIP training to 979 participants. These sessions focused on processing access to information requests and protecting personal information.
DFO also encourages employees to take ATIP training offered by the Canada School of Public Service (CSPS). The ATIP Secretariat continued its efforts to promote the CSPS training in 2020-21. During this reporting period, 311 DFO and CCG participants completed CSPS ATIP-related training courses. Table 4 highlights all ATIP-related training activities undertaken during the reporting period.
| Type of training | Number of learners |
| DFO training | 979 |
| CSPS Training – Access to Information and Privacy Fundamentals (I015), Access to Information in the Government of Canada (I701) and Privacy in the Government of Canada (I702) | 311 |
| Total | 1,290 |
During the second quarter of 2020-21, DFO launched ATIP Connection, a quarterly newsletter created to share information on diverse ATIP-related topics. The newsletter aims to raise more awareness with DFO and CCG employees about ATIP related issues and developments. This newsletter is also geared towards broadening the Department's understanding of ATIP while keeping everyone up-to-date on ATIP related news.
DFO also hosted an internally recognized week long celebration during the week of Data Privacy Day. With the theme "Own Your Privacy," Data Privacy Day marked an opportunity to highlight key issues surrounding data privacy; foster awareness of privacy rights and obligations; empower employees to protect and control privacy; and recognize that data and privacy protection are shared responsibilities. An online Data Privacy Toolbox equipped with tools and resources was created to help employees better manage data, safeguard privacy, and enable trust within one's network, all accessible through the ATIP intranet page.
Policies, guidelines, procedures and initiatives
The ATIP Secretariat continues to revise DFO's ATIP policy suite where appropriate. The suite of policy tools was developed to help DFO employees understand their responsibilities with regards to the protection of personal information. Included in the policy suite are DFO's Privacy Policy, Directive on Privacy Practices, the Standard on Privacy Breaches, the Standard on Permissible Disclosures of Personal Information and related tools such as Guidelines for the Informal Release of Information, the Privacy Impact Assessment: Needs Analysis, the Privacy Notice Template and privacy breach reporting forms.
The ATIP Secretariat continued to review forms used by Internal Services within DFO and where necessary, developed privacy notice statements that meet all legislative and policy requirements. The ATIP Secretariat also actively monitors Parliamentary questions in order to support timely and effective responses, and to proactively identify potential files requiring ATIP's review.
Digital Strategy
Over the current reporting period, the ATIP Secretariat expanded upon the digital strategy that started in the previous reporting period. From desktop computers to laptops; printing and photocopying to digital file transfer; and traditional postal service to instant electronic transmittal, the digital strategy has revolutionized DFO's process for treating formal ATIP requests.
The digital strategy was fully implemented across DFO at the onset of the COVID-19 pandemic in March 2020 with its inception in last year's Paper Reduction Initiative. With an unprecedented number of employees working remotely from the workplace, the digital strategy ensured that reasonable efforts to process and respond to ATIP requests were made while making the health and safety of employees and the community a priority.
In collaboration with the DFO Information Management Branch, a solution was developed and implemented to permit the electronic transmittal of records (up to and including Protected B) to the ATIP Secretariat when treating formal ATIP requests. Through this solution, the traditional paper-based process of printing or photocopying records was replaced with the digital process of securely transmitting records via GCdocs.
The digital strategy also presented digital solutions to mitigate the impact of general access to traditional mail services. File sharing platforms were adopted to send unclassified records to external recipients; and the use of epost Connect was used to transmit records (up to and including Protected B) to requesters, other federal institutions, third party organizations, and other governments.
- Realizing overall efficiencies in service delivery;
- Generating cost savings to DFO and CCG;
- Reducing DFO's environmental footprint; and
- Maintaining service excellence and strong on time compliance rate.
Strategic collaboration
The ATIP Secretariat continues to be an active participant in the development and renewal of departmental policy and guidance documents within DFO. Through ATIP's participation in these processes, personal information protection principles are embedded in departmental policy documents to ensure compliance with the Privacy Act.
Impact of COVID-19 on the administration of the Privacy Act
ATIP was met with the challenge of the COVID-19 global pandemic in March 2020 and throughout the current reporting period.
The right of access is a quasi-constitutional right, however, the processing of ATIP requests is not considered a critical service for the purpose of business continuity planning. Despite this being the case, DFO remained committed throughout the pandemic period to continue providing uninterrupted services to Canadians.
Through the solutions developed and implemented in the digital strategy, DFO was able to mitigate technical gaps and operational barriers to ensuring business continuity during the COVID-19 pandemic. These solutions represent the DFO ATIP program's resilience and ability to remain agile, develop and adopt innovative solutions, and be equipped to overcome barriers that would otherwise have impeded DFO's excellent record in delivering results.
The ATIP Secretariat also continued to consistently provide ATIP policy and privacy advice on an ongoing basis to inform program initiatives and decisions.
Summary of Key Issues and Actions Taken on Complaints or Audits
DFO reviews the outcomes of each Privacy Commissioner investigation and audit. Where appropriate, DFO incorporates lessons learned into business processes.
In 2020-21 DFO did not receive any privacy complaints from the Office of the Privacy Commissioner.
Monitoring compliance
DFO makes every effort to meet statutory deadlines and actively monitors the time taken to process privacy requests and requests for the correction of personal information. Monitoring begins as soon as a request is received by the ATIP Secretariat, entered into the case management system and assigned to an analyst. All requests, including requests for consultations, and requests for informal advice or review of records, are entered into the case management system for tracking. This electronic tracking of deadlines is essential as analysts work on numerous requests, each with multiple actions coming due, at any given time. Analysts meet with their team leaders on a weekly basis to identify issues with requests that might result in delays. Issues are raised with the ATIP management team, if necessary. The Director and Deputy Directors of the ATIP Secretariat get involved in files where they can use their authority as the Minister's delegates under the Privacy Act to promote compliance with deadlines and deliverables.
Material privacy breaches
A privacy breach is defined by the Office of the Privacy Commissioner as the loss of, unauthorized access to, or disclosure of, personal information. A material privacy breach is defined by TBS as involving sensitive information that could reasonably be expected to cause serious injury or harm to the individual and/or involves a large number of affected individuals.
During the reporting period, no privacy breaches were reported to the DFO ATIP Secretariat that were deemed to be material.
Privacy impact assessments
To fulfill its mandate, many of DFO's activities require the collection, use and disclosure of personal information. In accordance with TBS policies and directives, DFO uses Privacy Impact Assessments (PIAs) as a risk management tool to determine whether privacy risks are present in new or substantially modified departmental programs, initiatives or projects that collect, use and retain personal information.
During the reporting period, one PIA was completed by the ATIP Secretariat: The Student Bridging Portal. The Student Bridging Portal is an online platform that allows current students in the public service to be considered for term and indeterminate appointments within DFO following graduation. The portal is unique in that it provides DFO with access to graduates who have had a student contract in any federal department or organization. This gives graduates an opportunity to start a career at DFO, and gives DFO the opportunity to capitalize on the investment already made in these graduates.
The Student Bridging Portal features a user interface that allows for candidates to respond to screening questions, and to upload documentation related to their education experience and achievements. VidCruiter's Applicant Tracking System ("VidTracking") will enable HR professionals and hiring managers to track and manage applicants using the Student Bridging Portal throughout the recruitment process.
In addition to the completed PIA during the reporting period, new initiatives were assessed to evaluate whether a PIA was required in accordance with Government of Canada policy.
Appendix A: Delegation Order
Description
Copy of the delegation order designating the director and deputy directors of the ATIP Secretariat to exercise the powers, duties and functions of the Minister as the head of Fisheries and Oceans Canada, under the provisions of the Privacy Act and related Regulations.
Appendix B: 2020-21 Statistical Report on the Privacy Act
Name of institution: Fisheries and Oceans Canada
Reporting period: 2020-04-01 to 2021-03-31
Section 1: Requests Under the Privacy Act
| Number of Requests | |
|---|---|
| Received during reporting period | 80 |
| Outstanding from previous reporting period | 5 |
| Total | 85 |
| Closed during reporting period | 62 |
| Carried over to next reporting period | 23 |
Section 2: Requests closed during the reporting period
| Disposition of Requests | Completion Time | |||||||
|---|---|---|---|---|---|---|---|---|
| 1 to 15 Days | 16 to 30 Days | 31 to 60 Days | 61 to 120 Days | 121 to 180 Days | 181 to 365 Days | More than 365 Days | Total | |
| All disclosed | 1 | 13 | 2 | 0 | 0 | 0 | 0 | 16 |
| Disclosed in part | 0 | 7 | 15 | 3 | 1 | 0 | 0 | 26 |
| All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| No records exist | 1 | 1 | 14 | 0 | 0 | 0 | 0 | 16 |
| Request abandoned | 3 | 0 | 1 | 0 | 0 | 0 | 0 | 4 |
| Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 5 | 21 | 32 | 3 | 1 | 0 | 0 | 62 |
| Section | Number of Requests |
|---|---|
| 18(2) | 0 |
| 19(1)(a) | 0 |
| 19(1)(b) | 0 |
| 19(1)(c) | 0 |
| 19(1)(d) | 0 |
| 19(1)(e) | 0 |
| 19(1)(f) | 0 |
| 20 | 0 |
| 21 | 0 |
| 22(1)(a)(i) | 0 |
| 22(1)(a)(ii) | 0 |
| 22(1)(a)(iii) | 0 |
| 22(1)(b) | 4 |
| 22(1)(c) | 0 |
| 22(2) | 0 |
| 22.1 | 0 |
| 22.2 | 0 |
| 22.3 | 0 |
| 22.4 | 0 |
| 23(a) | 0 |
| 23(b) | 0 |
| 24(a) | 0 |
| 24(b) | 0 |
| 25 | 0 |
| 26 | 26 |
| 27 | 0 |
| 27.1 | 0 |
| 28 | 0 |
| Section | Number of Requests |
|---|---|
| 69(1)(a) | 0 |
| 69(1)(b) | 0 |
| 69.1 | 0 |
| 70(1) | 0 |
| 70(1)(a) | 0 |
| 70(1)(b) | 0 |
| 70(1)(c) | 0 |
| 70(1)(d) | 0 |
| 70(1)(e) | 0 |
| 70(1)(f) | 0 |
| 70.1 | 0 |
| Paper | Electronic | Other |
|---|---|---|
| 7 | 33 | 2 |
2.5 Complexity
| Number of Pages Processed | Number of Pages Disclosed | Number of Requests |
|---|---|---|
| 13,877 | 7,330 | 46 |
| Disposition | Less Than 100 Pages Processed | 101-500 Pages Processed | 501-1000 Pages Processed | 1001-5000 Pages Processed | More than 5000 Pages Processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | |
| All disclosed | 15 | 150 | 1 | 81 | 0 | 0 | 0 | 0 | 0 | 0 |
| Disclosed in part | 6 | 165 | 9 | 912 | 7 | 3,109 | 4 | 2,913 | 0 | 0 |
| All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Request abandoned | 4 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 25 | 315 | 10 | 993 | 7 | 3,109 | 4 | 2,913 | 0 | 0 |
| Disposition | Consultation Required | Legal Advice Sought | Interwoven Information | Other | Total |
|---|---|---|---|---|---|
| All disclosed | 1 | 0 | 16 | 1 | 18 |
| Disclosed in part | 1 | 0 | 26 | 0 | 27 |
| All exempted | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 |
| Request abandoned | 0 | 0 | 4 | 0 | 4 |
| Neither confirmed nor denied | 0 | 0 | 0 | 0 | 0 |
| Total | 2 | 0 | 46 | 1 | 49 |
2.6 Closed requests
| Requests closed within legislated timelines | |
|---|---|
| Number of requests closed within legislated timelines | 59 |
| Percentage of requests closed within legislated timelines (%) | 95.2 |
2.7 Deemed refusals
| Number of Requests Closed Past the Legislated Timelines | Principal Reason | |||
|---|---|---|---|---|
| Interference with Operations / Workload | External Consultation | Internal Consultation | Other | |
| 3 | 2 | 1 | 0 | 0 |
| Number of Days Past Legislated Timelines | Number of Requests Past Legislated Timeline Where No Extension Was Taken | Number of Requests Past Legislated Timelines Where an Extension Was Taken | Total |
|---|---|---|---|
| 1 to 15 days | 0 | 2 | 2 |
| 16 to 30 days | 0 | 0 | 0 |
| 31 to 60 days | 0 | 0 | 0 |
| 61 to 120 days | 0 | 1 | 1 |
| 121 to 180 days | 0 | 0 | 0 |
| 181 to 365 days | 0 | 0 | 0 |
| More than 365 days | 0 | 0 | 0 |
| Total | 0 | 3 | 3 |
| Translation Requests | Accepted | Refused | Total |
|---|---|---|---|
| English to French | 0 | 0 | 0 |
| French to English | 0 | 0 | 0 |
| Total | 0 | 0 | 0 |
Section 3: Disclosures under subsections 8(2) and 8(5)
| Paragraph 8(2)(e) | Paragraph 8(2)(m) | Subsection 8(5) | Total |
|---|---|---|---|
| 0 | 0 | 0 | 0 |
Section 4: Requests for correction of personal information and notations
| Disposition for Correction Requests Received | Number |
|---|---|
| Notations attached | 0 |
| Requests for correction accepted | 0 |
| Total | 0 |
Section 5: Extensions
| Number of requests where an extension was taken | 15(a)(i) Interference with operations | 15 (a)(ii) Consultation | 15(b) Translation purposes or conversion |
|||||
|---|---|---|---|---|---|---|---|---|
| Further review required to determine exemptions | Large volume of pages | Large volume of requests | Documents are difficult to obtain | Cabinet Confidence Section (Section 70) | External | Internal | ||
| 36 | 1 | 5 | 0 | 29 | 0 | 1 | 0 | 0 |
| Length of Extensions | 15(a)(i) Interference with operations | 15 (a)(ii) Consultation | 15(b) Translation purposes or conversion |
|||||
|---|---|---|---|---|---|---|---|---|
| Further review required to determine exemptions | Large volume of pages | Large volume of requests | Documents are difficult to obtain | Cabinet Confidence Section (Section 70) | External | Internal | ||
| 1 to 15 days | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 16 to 30 days | 1 | 5 | 0 | 29 | 0 | 1 | 0 | 0 |
| 31 days or greater | - | - | - | - | - | - | - | 0 |
| Total | 1 | 5 | 0 | 29 | 0 | 1 | 0 | 0 |
Section 6: Consultations received from other institutions and organizations
| Consultations | Other Government of Canada Institutions | Number of Pages to Review | Other Organizations | Number of Pages to Review |
|---|---|---|---|---|
| Received during the reporting period | 0 | 0 | 0 | 0 |
| Outstanding from the previous reporting period | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 |
| Closed during the reporting period | 0 | 0 | 0 | 0 |
| Carried over to the next reporting period | 0 | 0 | 0 | 0 |
| Recommendation | Number of Days Required to Complete Consultation Requests | |||||||
|---|---|---|---|---|---|---|---|---|
| 1 to 15 Days | 16 to 30 Days | 31 to 60 Days | 61 to 120 Days | 121 to 180 Days | 181 to 365 Days | More than 365 Days | Total | |
| All disclosed | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Disclosed in part | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Recommendation | Number of days required to complete consultation requests | |||||||
|---|---|---|---|---|---|---|---|---|
| 1 to 15 Days | 16 to 30 Days | 31 to 60 Days | 61 to 120 Days | 121 to 180 Days | 181 to 365 Days | More than 365 Days | Total | |
| All disclosed | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Disclosed in part | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All exempted | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| All excluded | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Consult other institution | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Other | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Section 7: Completion time of consultations on cabinet confidences
| Number of Days | Fewer than 100 Pages Processed | 101-500 Pages Processed | 501-1000 Pages Processed | 1001-5000 Pages Processed | More than 5000 Pages Processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | |
| 1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Number of Days | Fewer than 100 Pages Processed | 101-500 Pages Processed | 501-1000 Pages Processed | 1001-5000 Pages Processed | More than 5000 Pages Processed | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | Number of Requests | Pages Disclosed | |
| 1 to 15 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 16 to 30 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 31 to 60 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 61 to 120 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 121 to 180 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| 181 to 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| More than 365 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Total | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
Section 8: Complaints and investigations notices received
| Section 31 | Section 33 | Section 35 | Court action | Total |
|---|---|---|---|---|
| 0 | 0 | 0 | 0 | 0 |
Section 9: Privacy Impact Assessments (PIA) and Personal Information Banks (PIB)
| Number of PIA(s) completed | 1 |
|---|
| Active | Created | Terminated | Modified |
|---|---|---|---|
| 53 | 0 | 0 | 1 |
Section 10: Material privacy breaches
| Number of material privacy breaches reported to TBS | 0 |
|---|---|
| Number of material privacy breaches reported to OPC | 0 |
Section 11: Resources related to the Privacy Act
| Expenditures | Amount |
|---|---|
| Salaries | $858,330 |
| Overtime | $0 |
| Goods and Services | $77,031 |
| • Professional services contracts | ($59,715) |
| • Other | ($17,316) |
| Total | $935,361 |
| Resources | Person Years Dedicated to Privacy Activities |
|---|---|
| Full-time employees | 11.36 |
| Part-time and casual employees | 0.31 |
| Regional staff | 0 |
| Consultants and agency personnel | 0.391 |
| Students | 0.48 |
| Total | 12.541 |
- Date modified: