Privacy Impact Assessment Summary: Integrated Payment and Revenue Management System (IPRMS)

As part of the department’s modernization agenda, a new fee management system called the “Integrated Payment and Revenue Management System” (IPRMS) is being implemented. The Privacy Impact Assessment was undertaken to identify any privacy risks associated with this initiative.

IPRMS is a system designed to replace three legacy systems involved in the handling of cost recovery fees, namely the Handling Public Money (HPM) system, the Point of Sale + (POS +) system and the customized Point of Sale Canada functionality (POS Canada) residing in CIC’s SAP system. IPRMS will collect information relevant to ensuring adequate financial control over CIC’s Revenues, such as the type of fee purchased and the amount and form of payment received from the payer. It will maintain similar payer contact information to what currently exists in HPM, POS + and POS +.

IPRMS will interface with the departmental case management system, GCMS, and the departmental financial system, IFMS-SAP.

IPRMS will use the Receiver General Buy Button (RGBB) to collect fees through the internet, the Bill Payment Service (BPS) to collect payments made at a Canadian Financial Institution and the Secure File Transfer (SFT) infrastructure managed by Public Works and Government Services (PWGSC) to ensure secure transmission of payment data between PWGSC and CIC. RGGB, BPS and SFT are already used at CIC and are common services that have already been certified and accredited for use by all federal departments and agencies.

A Threat and Risk Assessment (TRA) on IPRMS has additionally been completed for this initiative.