Government of Canada Pension Modernization Project, release 1.5—Enhanced case management and imaging: Privacy impact assessment summary

On this page

Introduction

This document summarizes the privacy impact assessment report that the Government of Canada undertook to ensure that privacy was considered throughout the development and deployment of release 1.5 of the Government of Canada Pension Modernization Project. The privacy impact assessment report concluded that personal information is involved in release 1.5 with an overall risk rating of "medium". Implementation of the mitigation mechanisms described in the privacy risk management plan below will alleviate potential issues and concerns.

Background

Public Works and Government Services Canada is the administrative authority for the disbursement of pay and pension services under the Department of Public Works and Government Services Act. The department is responsible for the administration of pension plans for public servants governed under the Public Service Superannuation Act, and for the administration of the respective pension plans for the members of Parliament, federal judges, the diplomatic corps, and the lieutenant governors. The department also provides pension services, on a cost recovery basis to the military members of the Department of National Defence.

The Government of Canada Pension Modernization Project has been established to develop and implement information technology (IT) solutions for the renewal of Public Works and Government Services Canada's pension administration systems and services. The project will provide a modern pension administration system through the phased adoption of commercial off-the-shelf software-based solutions.

Business process

The business requirements for Government of Canada Pension Modernization Project, release 1.5 are focused on the automation and enhancement of service delivery to clients. Release 1.5 consists of providing Public Service Pension Centre operations and other groups within the Compensation Sector with enhanced case management capabilities and the addition of digitized images for all incoming documents received by mail and fax.

Public Service Pension Centre agents include pension specialists, client inquiry, pension portability and executive services personnel. Unlike release 1.0, where only half of the Public Service Pension Centre's staff in Shediac were expected to access the system, release 1.5 extends the case management capabilities to the rest of the Public Service Pension Centre's operations, approximately 600 end users.

In release 1.5, all incoming mail and faxes will now be received and digitized by the Cheques Redemption Control Directorate's imaging facility located in Matane, Québec. Upon receipt of incoming hard copy mail or fax by the directorate, an image of each document is captured. In addition to processing all incoming mail, release 1.5 provides the capability to process requests received by electronic mail. An email received from a client will be automatically acknowledged by the system with an indication to the sender as to when an answer should be provided.

Personal information collected by the Government of Canada Pension Modernization Project, release 1.5

The following data elements, which constitute personal information, are collected as follows:

The new imaging functionality in release 1.5 does not have an impact on the following processes:

Data from the existing Production Control File Location System (PCFLS) will be converted and brought into the case management application. No other legacy applications or databases are being discontinued during the operational period for release 1.5.

Data analysis

The data flow analysis section of the privacy impact assessment report identifies and traces personal information from the point of collection to the point where all copies of the information are disposed or permanently destroyed.

Table 1: Data flow analysis

This table documents the personal information involved in three business processes of the Government of Canada Pension Modernization Project, release 1.5.

Business process Description Collected by Format Purpose of collection Used by or disclosed to Storage or retention site
Manage contacts
  • name
  • salutation
  • home address
  • email address
  • telephone number
  • fax number
  • Personal Record Identifier (PRI)
  • pension number (PN)
  • date of birth
  • toll-free numbers
  • customer relationship management (CRM): call monitoring
  • manage incoming correspondence
  • legacy annuitant and contributor systems via Superannuation Master Index Retrieval System (SMIRS) bridge
  • telephone
  • interactive voice response (IVR)
  • teletypewriter (TTY)
  • fax
  • email
To manage client inquiries and requests via the Public Service Pension Centre's client contact centre
  • active and retired member
  • (ex-) spouses and (ex-) partners of an active or retired member
  • children of a retired member
  • family members of an active or retired member
  • power of attorney or lawyer
  • pension system
  • universal client management (UCM)
  • customer relationship management (CRM)
Manage correspondence
  • document image
  • document
  • Personal Record Identifier (PRI) and pension number (PN)
  • surname
  • given name
  • address
  • telephone number
  • email address
  • Cheque Redemption Control Directorate
  • system-generated
  • agent or pension expert
  • mail
  • fax
  • email
  • image
To manage incoming and outgoing correspondence
  • active member
  • retired member
  • power of attorney or lawyer
  • employer
  • external stakeholder
  • Cheque Redemption Control Directorate's imaging system database
  • Cheque Redemption Control Directorate's image repository
  • customer relationship management (CRM)
Manage contributions and receivables Cheque payments:
  • document image
  • name
  • amount
  • cheque number
  • bank account number
  • transit number
  • financial institution number
  • encashment date

Department remittance information file for Bill Payment Services:

  • Personal Record Identifier (PRI) and pension number (PN)
  • name
  • amount
  • possibly other personal data
  • Cheque Redemption Control Directorate
  • Bill Payment Services contractor (National Bank of Canada)
  • mail
  • image
To handle receipt of contributions and other receivables
  • Common Department Financial System
  • Receiver General
  • Cheque Redemption Control Directorate's imaging system database
  • Cheque Redemption Control Directorate's image repository
  • Bill Payment Services database

Privacy risk management

Section 6 of the privacy impact assessment report identifies the Government of Canada Pension Modernization Project, Release 1.5 privacy risks and potential risk mitigation strategies. The risk management plan below summarizes that information.

Table 2: Risk management plan

Element Nature of risks Level of risks Proposed mitigating mechanisms
Potential unauthorized disclosure of private information
  • inappropriate access
  • disclosure of personal information to unauthorized persons
Low
  • continue to provide training to agents
  • implement periodic audits of calls to monitor
  • refresher training on privacy issues
Capturing personal identifier data over interactive voice response (IVR)
  • inappropriate access
  • compromise of personal information to unauthorized persons
Low Personal Record Identifier (PRI) or service agreement (SA) number is not related to or stored with a name in the interactive voice response (IVR)
Compliance with Privacy Act, subsection 5(2), for privacy statements Inconsistent access to the privacy statement across all channels Low
  • callers are instructed to obtain the privacy statement via the existing website or to wait for an agent
  • develop a standard, generic privacy statement for all channels
  • add a link in outgoing e-fax and email messages to a website with further information on Public Works and Government Services Canada's Privacy Policy
Documented security procedures
  • inappropriate access
  • compromise of personal information to unauthorized persons
  • accountability
Low Establish and document detailed security procedures for the collection, transmission, storage and disposal of personal information
Audit logs and audit trails
  • inappropriate access
  • compromise of personal information to unauthorized persons
  • unauthorized changes to personal information
Medium
  • define audit requirements
  • design, develop and implement audit solution for all application software components
Safeguards to protect personal information
  • inappropriate access
  • compromise of personal information to unauthorized persons
  • unauthorized changes to personal information
Medium
  • implement safeguards recommended through the certification and accreditation process
  • continue to abide by conditions set out in letter of accreditation

Conclusion

The highest privacy risk identified in the privacy risk management plan is evaluated as "medium". Public Works and Government Services Canada has examined the impacts and has proposed appropriate mitigation strategies for the identified privacy risks associated with release 1.5 of the Government of Canada Pension Modernization Project.

Most notably, there is a need for audit requirements and additional safeguards to be implemented to protect personal information. Security activities are being conducted in parallel with the privacy impact assessment in accordance with the certification and accreditation process.

The proposed mitigating mechanisms for the identified privacy risks indicate a continued commitment by the Crown in ensuring the confidentiality and privacy of the personal information collected from individuals.

Date modified: