Litigation Claims Processing Program
Government Institution
Department of National Defence
Government official responsible for the PIA
Hashem Mawlawi
Director, Litigation Implementation Team
Head of the government institution or Delegate for section 10 of the Privacy Act
Lisa Carozza, A/Executive Director
Directorate Access to Information and Privacy
Standard or Institution Specific Class of Record:
DND DLO 101
Litigation Claims Processing Class of Record
Standard or institution specific personal information bank:
DND PPU 873
Support to Litigation Claims Administration
Background
The Department of National Defence and Canadian Armed Forces (DND/CAF) are governed by the National Defence Act. The Act establishes DND’s mandate and authorities and stipulates that the Minister of National Defence has the management and direction of the CAF. DND is responsible for supporting the CAF in the defence of Canadian interests at home and abroad. When combined, DND/CAF is Canada’s largest federal department, employing nearly 125,000 personnel. This includes approximately 72,000 Regular Force members, 30,000 Reserve Force members, and 23,000 civilian or non-uniformed employees.
Over the past several years, DND/CAF has been involved in multiple class action lawsuits filed by current and former members. Most of those claims center on workplace issues and alleged failures to properly address workplace misconduct, harassment, and discrimination. Others pertain to the administration of pensions and benefits or infrastructure issues (e.g., contaminated sites). Some lawsuits remain in a state of proposal or classification, while others have resulted in court decisions, judgements, or Final Settlement Agreements (FSAs), which provide compensation and other remedial measures for claimants. Settled claims are managed by a court-appointed Administrator/Assessor but often require validation by DND’s Litigation Implementation Team (LIT).
Supporting Litigation Claims Administration
Typically (and as directed by a court) once a claims period begins, class members associated with a claim or FSA are entitled to submit a claim for financial and other compensation. Claims are filed with an external court-appointed Administrator. Court direction typically requires Canada to support the claims administration process by validating employment or service, previous compensation, and residency details of claimants in support of the Administrator’s work -- though validation work will vary case by case. This support work is performed by LIT.
When directed by a court, LIT (representing DND, Canada) is responsible for validating a claimant’s employment or service, and for reviewing selected claims and providing copies of relevant claimant records to the Administrator. The Administrator, in turn, assists the Assessor in rendering a decision on a claimant’s eligibility and compensation. LIT reviewers verify previous compensation for claims, request relevant and supporting service records (internal and external). LIT also supports and oversees the fulfillment of claims related remedial measures (often referred to as ‘Individual Reconciliation Measures’ or IRMs). IRMs may include citations, letters of apology, notes to the personnel files of claimants, and the provision of access to military and other records relating to a claim.
Purpose and Scope of the Privacy Impact Assessment (PIA)
To comply with court decisions, judgements, and FSAs, LIT receives personal information about claimants received from the court-appointed Administrator. This information is generally limited to that set out in claim forms. Claim forms, developed and issued by the Administrator, generally include a claimant’s name and contact information; service number, rank, occupation, and employment status with the CAF; information about the claimant’s representative; and information about incidents and harms suffered by the claimant while employed by DND/CAF. Claim forms also generally include information about compensation sought by the claimant.
DND is named in the Schedule to the Privacy Act and is subject to the privacy policies and directives of the Treasury Board of Canada Secretariat (TBS). Under the TBS Policy on Privacy Protection, all federal institutions subject to the Privacy Act are required to undertake an assessment of the privacy impacts associated with the development or design of new programs or services involving personal information (or when making significant changes to an existing program or service).
In keeping with the above, DND/CAF elected to undertake a Privacy Impact Assessment (PIA) to examine the privacy impacts associated with its support to litigation claims administration. The purpose of the PIA was to identify and help mitigate potential privacy issues arising from the collection, use, disclosure, and retention of personal information in relation to LIT’s court-directed activities supporting litigation claim processing, and to help ensure that DND/CAF’s handling of that information complies with the Privacy Act. It was also intended to help ensure that LIT is complying with privacy terms and conditions in court decisions, judgements, and FSAs.
The PIA was completed under the direction of the Director of LIT and approved by DND’s Director of Access to Information and Privacy (DAIP) Coordinator, DND’s delegate under section 73 of the Privacy Act.
Summary Results
Based on the results of the present PIA, privacy risks arising from DND/CAF’s litigation claims administration support is expected to be moderate to high. Potential impacts on the privacy of claimants are being properly managed however by DND/CAF through legal, policy and technical measures geared at the protection of personal information. Recommendations included in the PIA are expected to reduce program risks to a low (or acceptable) level.
Risk Area Identification and Categorization
Type of Program or Activity | Risk Level |
---|---|
Administration of Programs / Activity and Services Personal information is used to make decisions that directly affect the individual (i.e., determining eligibility for programs including authentication for accessing programs/services, administering program payments, overpayments, or support to clients, issuing or denial of permits/licenses, processing appeals, etc.). |
3 |
Type of Personal Information Involved | Risk Level |
Sensitive personal information, or information which may be particularly sensitive in certain contexts. | 5 |
Program or Activity Partners and Privacy Sector Involvement | Risk Level |
Within the department (amongst one or more programs within the department) | 4 |
With other federal institutions | |
Private sector organizations or international organizations or foreign governments | |
Duration of the Program | Risk Level |
Long-term program The program is of a long duration (5-10 years). |
4 |
Program Population | Risk Level |
The program's use of personal information is for internal administrative purposes but only affects certain employees. | 2 |
Technology and Privacy | |
Does the new or modified program or activity involve the implementation of a new electronic system, software or application program including collaborative software (or groupware) that is implemented to support the program or activity in terms of the creation, collection or handling of personal information? | No |
The new or modified program or activity involves the implementation of potentially privacy invasive technologies? | No |
Does the new or modified program or activity require substantial modifications to IT legacy systems and / or services? | No |
Information Transmission | Risk Level |
The personal information is used in system that has connections to at least one other system. | 5 |
The personal information may be transferred to a portable device or converted into a different medium. | |
The personal information is transmitted using wireless technologies. | |
The personal information is transmitted through a Cloud service. | |
Impact to the Individual or Employee | Risk Level |
Inconvenience. | 5 |
Reputational harm. | |
Psychological harm. | |
Financial harm. | |
Physical security. | |
Impact to the Department | Risk Level |
The embarrassment of public officials. | 5 |
A short-term loss of institutional credibility. | |
Financial harm. | |
Legal action. | |
A lasting decrease in public confidence in the institution, or the need for organizational restructuring or reform. |
Page details
- Date modified: