Summary Investigations/Board of Inquiries

Government Institution

Department of National Defence

Government official responsible for the PIA

Vivian Chu
Executive Director, Compliance, Fraud Prevention and Investigation Support Centre
Assistant Deputy Minister (Review Services)

Head of the government institution or Delegate for section 10 of the Privacy Act

Anne Bank, Executive Director
Directorate Access to Information and Privacy

Description of Program or Activity (from Departmental Results Framework):

Defence Team
Recruit, develop and support an agile and diverse Defence Team, within a healthy workplace free from harmful behaviour; support military families; and meet the needs of all retiring military personnel, including the ill and injured. Strengthen Canadian communities by investing in youth.

Standard or Institution Specific Class of Record:

DND CSA 520
Careers

Standard or Institution Specific Personal Information Bank:

DND PPE 832
Board of Inquiry/Summary Investigations

Legislated authority for activity:

Generally, subsection 45(1) of the National Defence Act authorizes the convening of a Board of Inquiry to inquire into any matter connected with the government, discipline, administration or functions of the CAF or affecting any CAF member.

Furthermore, under the authority of the National Defence Act, the Governor-in-Council and the Minister of National Defence make regulations and orders governing the organization, training, discipline, efficiency, administration and good governance of the CAF, carrying the purposes and provisions of the National Defence Act into effect. The Queens Regulations and Orders (QR&O) have been made pursuant to this authority. Specific to Boards of Inquiries and Summary Investigations, Chapter 21 of Volume I of QR&O is dedicated to requirements for these administrative investigations and is the legal authority for how the investigations are managed.

Summary of the project / initiative/ change:

This PIA has been developed to assess the manner in which the Canadian Armed Forces (CAF) conducts Summary Investigations (SIs) and Boards of Inquiries (BOIs), which are administrative investigations into various matters that occur within the CAF. SIs and BOIs are not disciplinary investigations resulting in the laying of charges or Court Martial under the Code of Service Discipline.

As administrative investigations, SIs and BOIs explore issues related to the command, control and administration of the CAF. These are a detailed search or inquiry to determine the facts, make findings, and develop recommendations to prevent the recurrence of an unfavourable occurrence, such as a serious injury, non-combat death (including suicide and attempted suicide), lost classified material, and others.

The Administrative Investigations Support Centre (AISC) was established in 2005 to improve and standardize the conduct of SIs and BOIs. The AISC does not perform the administrative investigations (SIs and BOIs); instead, they support those CAF members who are investigators through guidance, best practices, training, templates, and other related support. In all, pursuant to Defence Administrative Orders and Directives (DAOD) 7002-00, the AISC is responsible for:

  1. Developing, implementing and managing the policies and procedures governing the conduct of BOI and SIs.
  2. Providing instructions concerning procedural aspects of BOI and SIs. In part, this has resulted in AISC developing robust training on how to perform administrative investigations.
  3. Notifying the ADM (RS) of any non-compliance with DAOD 7002-0.
  4. Acting as the information repository for all BOI and all SI reports requiring CDS approval; i.e. those SIs/BOIs requiring CDS approval are informally called ‘registered investigations’ and are limited to SIs and BOIs related to serious injury and death. For all other types of SIs/BOIs, referred informally as non-registered investigations, the AISC is not the official repository. Instead, the AISC maintains some data in its case management system , but records on non-registered SIs/BOIs are not required to be forwarded to AISC. Therefore, records repository locations on non-registered SIs/BOIs are at the discretion of the Ordering Authority.

In some instances, such as death or serious injury involving a member being incapacitated, a SI/BOI Final Report is disclosed to the member’s representative (often the next of kin) which follows a procedure for proactive disclosure under para. 8(2)(m)(i) of the Privacy Act. Therefore, the member’s representative is not required to submit a formal request under the Privacy Act or Access to Information Act. DND’s Directorate of Access to Information and Privacy (DAIP) is responsible for reviewing these Final Reports and redacting personal information where required/permitted by the Privacy Act, such as that of third parties.

In the completion of this PIA, four risks identified – two (2) Low, and two (2) Medium. A risk mitigation strategy has been developed which will result in a reduction of risk to an acceptable level within an acceptable timeframe.

Risk Area Identification and Categorization

In its Directive on Privacy Impact Assessment, Treasury Board has expressed that the PIA must include a completed risk identification and categorization section and make public those risk ratings. A risk rating must be assigned to each risk areas named and described in Appendix C of the Directive on Privacy Impact Assessment. The numbered risk scale is presented in an ascending order: the first level (1) represents the lowest level of potential risk for the risk area; the fourth level (4) represents the highest level of potential risk for the given risk area. For this PIA the risk areas and associated risk levels are as follows:

Type of Program or Activity Risk Level

Compliance / Regulatory investigations and enforcement
Personal information is used for purposes of detecting fraud or investigating possible abuses within programs where the consequences are administrative rather than criminal in nature (e.g., a discontinuation of benefits or an audit of personal income tax file).

3
Type of Personal Involved and Context Risk Level

Sensitive personal information, including detailed profiles, allegations or suspicions, bodily samples and/or the context surrounding the personal information is particularly sensitive. For example: personal information that reveals intimate details on the health, financial situation, religious or lifestyle choices of the individual and which, by association, reveals similar details about other individuals such as relatives.

4
Program or Activity Partners and Privacy Sector Involvement Risk Level

With other or a combination of federal/ provincial and/or municipal government(s).

3
Duration of the Program Risk Level

Long-term program
Existing program that has been modified or is established with no clear “sunset”.

3
Program Population Risk Level

The program affects certain individuals for external administrative purposes.

3
Technology and Privacy

Administrative investigative information is collected and stored in existing CAF/DND repositories which are approved for the storage and processing of up to Protected B information.

Information Transmission Risk Level

The personal information is transferred to a portable device or is printed.
USB key, diskette, laptop computer, any transfer of the personal information to a different medium.

3
In the Event of a Privacy Breach Impacting the Individual

In the event that a privacy breach, there are potentially significant and lasting negative impacts on the reputation of members and their families. The records collected to support SIs and BOIs are extremely sensitive, such as death information, autopsy reports, and other similar sensitive data. The unauthorized disclosure of such information would, at a minimum, cause general embarrassment to a member and his/her family, but could be aggravated on a case-by-case basis.

Page details

Date modified: