Integrated Information System: Privacy impact assessment summary
On this page
Introduction
The publication of this summary of the privacy impact assessment will help to assure employees of the federal government that the Government of Canada has undertaken significant measures to maintain the privacy of their personal information provided while using the Translation Bureau Integrated Information System of Public Works and Government Services Canada.
The Privacy Impact Assessment Policy requires that the privacy impact assessment completed for the Integrated Information System application be provided to and reviewed by the Office of the Privacy Commissioner. With the formal review process now complete, the response from the Office of the Privacy Commissioner has confirmed that, with the commitments given to address specific privacy concerns raised in the privacy impact assessment, the Office of the Privacy Commissioner is satisfied that the Integrated Information System poses few material privacy risks to Canadians. The privacy risk management plan addresses all privacy concerns raised in the privacy impact assessment and additional communications with the Office of the Privacy Commissioner in a satisfactory and appropriate manner.
The privacy impact assessment for the Integrated Information System identifies five privacy concerns that can be mitigated by implementing the recommendations in the privacy risk management plan. The privacy risks identified are all considered low in severity, relating mostly to process documentation.
Business model
The Integrated Information System is a mission-critical, web-based order-entry application used by all sectors of the Translation Bureau and its federal government clients, including the House of Commons and Senate. The Integrated Information System facilitates the submission and delivery of translation and linguistic services. The application is used to streamline and optimize the Bureau's business processes such as workflow management, tracking incentives for translators, and improving services to its client communities (that is, order management). The Integrated Information System is also the data source that feeds the Translation Bureau Billing System.
The Integrated Information System is hosted on a series of servers located behind a firewall at Public Works and Government Services Canada's Aviation Parkway Data Centre. Clients connected to the Translation Bureau network are connected through the Government's Secure Channel Network (SCNET) to the secure infrastructure. The Integrated Information System application is only available on SCNET.
The Oracle 9i database server authentication and authorization have been applied so that only the database administrator and the Integrated Information System application servers have access to the data. No other direct access to the database is viable. The Integrated Information System application is accessible only through an encrypted communication port, Secure Socket Layer version 3 (SSLv3) and only authenticated users have access to the application.
Client registration
Clients of government departments wishing to use the Integrated Information System for the purpose of submitting translation or linguistic orders must first be registered in the Integrated Information System. During the registration process, users are asked to enter information such as their name, language for correspondence, telephone number, address, mailing address (if different) and email address. Once successfully registered, users (known as contacts) are permitted to use the Integrated Information System and submit orders. In addition, contacts are able to access their registration information at any time and make changes to it.
The information collected from clients is not viewed as personal information under the meaning of section 3 of the Privacy Act.
Translation Bureau employee registration
For all Bureau employees, it is the responsibility of the employee's supervisor (that is, the manager) to create the employee's profile in the Integrated Information System and must:
- enter the employee's information such as name, language for correspondence, telephone number, address and email address
- enter the employee's personal record identifier (PRI) and classification information
- Identify the user as an "internal resource" in the Integrated Information System
Notes
- Bureau employees can access their own personal information directly via the Integrated Information System and make changes to anything other than their PRI
- The PRI can only be viewed or modified by the employee's manager
- Only users identified as an "internal resource" will have a PRI in the Integrated Information System
The only personal information collected by the Integrated Information System pertains to Translation Bureau employees (that is, users identified as "internal resources"). The information is name, PRI, the time spent on specific tasks and projects and the language preference of employees.
The employee name, PRI and working hours are passed on to the Integrated Information System incentive and billing modules in order to manage resources, determine employee monetary incentives (if applicable) and bill clients. The language for correspondence is used by the application to correspond with the user in the language of his or her choice.
Orders
Once an order (that is, the document to be translated) has been received and estimated, the work is assigned to an available internal resource and the internal resource carries out the work.
Timesheets
All persons identified as internal resources must complete a timesheet for each project completed (that is, each order) or task performed.
Billing process
After all tasks associated with an order are completed, verified and approved, the order is closed and flagged ready for billing. The billing information is extracted monthly to the Translation Bureau Billing System.
Privacy notice statement
As per the Treasury Board of Canada Secretariat Common Look and Feel (CLF) guidelines, a link to Public Works and Government Services Canada's Government of Canada Privacy Notice is accessible to all users of the Integrated Information System application. This notice summarizes the privacy policy and practices of Public Works and Government Services Canada's websites.
In addition, the Integrated Information System provides a privacy notice statement outlining the specific purposes for the collection of personal information and the authority for doing so. This notice is presented to all internal resources upon their first successful login only.
The Integrated Information System's privacy notice statement describes the purpose of collection, use and disclosure of all personal information obtained by the site, and the Personal Information Bank (PIB) where the information is securely stored. The Integrated Information System's privacy notice summarizes the privacy policy and practices adhered to on the site.
Once internal resource users have read the notice, they are asked to proceed to the application. Consent to collect personal information is not required from the employee, as the information is required to enable the management of resources, the billing of clients and the payment of incentives to employees in accordance with the memorandum of understanding between the Treasury Board of Canada and the Canadian Union of Professional and Technical Employees respecting the financial incentives plan for the Translation Bureau.
Data analysis
As mentioned above, the only personal information collected by the Integrated Information System pertains to users identified as internal resources (that is, Translation Bureau employees). The employee name, PRI and working hours are passed on to the Integrated Information System incentive and billing modules in order to manage resources, determine employee monetary incentives (if applicable) and bill clients. The language for correspondence is used by the application to correspond with the user in the language of his or her choice.
The information collected from clients is not viewed as personal information under the meaning of section 3 of the Privacy Act.
| Description of personal information cluster | Collected by | Type of format (for example paper, electronic) | Used by | Purpose of collection | Disclosed to | Storage or retention site |
|---|---|---|---|---|---|---|
Employee data:
|
The Integrated Information System | Electronic |
|
|
|
Information about an employee is kept in the Integrated Information System for 6 years following deactivation |
Privacy risk management
The privacy concerns, risks and recommended mitigation strategies identified in the privacy impact assessment of the Integrated Information System are summarized in the table below.
| Issue | Nature of risk | Mitigation actions |
|---|---|---|
| There is no Personal Information Bank (PIB) registered with the Treasury Board of Canada Secretariat (TBS) for inclusion in Info Source | Individuals will not be aware of the existence of this PIB and of their right to access the information | A draft PIB has been submitted to TBS for review and inclusion in Info Source. |
| The recommendations identified in the threat and risk assessment are not fully implemented | There is a risk that the safeguards for access to and protection of personal information may not be addressed | The threat and risk assessment has been finalized and the recommendations thereof are being implemented; in addition, a certification work plan has been prepared and will be carried out |
| Security procedures and contingency plans are still to be documented | There is a risk that the custodian will not have security procedures in place to safeguard the personal information. | Ensure that the custodian is aware of this requirement and that the necessary steps are taken to define and document security procedures and contingency plans |
| Documentation of the contingency plan and procedures to identify and respond to security and/or privacy breaches is not complete | If contingency plans and procedures are not documented there is a risk that security or privacy breaches and disclosures in error may not be identified and corrected | Departmental policies dealing with the reporting of security breaches are being revised to incorporate procedures to respond to privacy breaches |
| Users are not advised to keep their access codes confidential | Users may provide their access codes to others, which may jeopardize their personal information | A notice to reflect this requirement is now displayed on the application's logon screen |
- Date modified: