Ensuring accountability at the CRA: Our commitment to protecting privacy

For the Canada Revenue Agency (CRA), maintaining the public trust is a key component of ensuring compliance. Part of maintaining that trust is making sure taxpayers know their rights and responsibilities so they can hold us accountable. The Taxpayer Bill of Rights, announced in 2007, outlines the standards you can expect from employees at the CRA to provide professional, courteous, and fair service. It also gives you assurance that concerns or complaints brought to the CRA will be investigated fully and impartially.

The CRA's Chief Privacy Officer

In April 2013, the CRA appointed its first Chief Privacy Officer (CPO), who is also the Assistant Commissioner of the Public Affairs Branch and is responsible for the access to information and privacy functions within the CRA.

In keeping with the CRA's culture of integrity, the creation of this position reinforces the CRA's commitment to excellence.

The role of the CPO is to ensure that the CRA's respect for the privacy of the information it maintains is reinforced and strengthened. The Chief Privacy Officer has a broad mandate for privacy oversight at the CRA.

The Chief Privacy Officer is responsible for:

• overseeing decisions related to privacy, including assessing the privacy impacts of our programs;
• championing personal privacy rights according to legislation and policy, including managing internal privacy breaches; and
• reporting to CRA senior management on the state of privacy management at the CRA at least twice a year.

Our responsibility for sound privacy management goes beyond appointing a Chief Privacy Officer and is a responsibility all employees share.

What happens when there is a privacy breach?

A breach of information could include incidents such as theft or loss of information or data storage equipment, as well as improper or unauthorized collection, use, disclosure, access, storage, or disposal of information, including misdirected correspondence. It can be the result of errors or of malicious actions by employees, third parties, partners in information-sharing agreements, or intruders. When a breach of privacy is reported to, or discovered by, the CRA and affects the safety or security of a taxpayer, the CRA takes immediate steps to inform affected taxpayers and, where appropriate, the Office of the Privacy Commissioner. If criminal activity is suspected, the CRA co-operates fully with the Royal Canadian Mounted Police. If you suspect that your confidential information has been compromised, you should contact the CRA.

Inquiring about Privacy at the CRA

Any questions, comments, concerns or complaints you may have regarding the administration of the Privacy Act and privacy policies regarding the CRA's web presence may be directed to our Access to Information and Privacy Coordinator by email to ATIP-AIPRP@cra-arc.gc.ca, by calling 613-960-5393 (Ottawa area) or 1-866-333-5402, or writing to the following address:

Director, ATIP Directorate
Canada Revenue Agency
5th Floor
555 MacKenzie Avenue
Ottawa ON  K1A 0L5

If you are not satisfied with the CRA's response to your privacy concern, you may wish to contact the Office of the Privacy Commissioner by telephone at 1-800-282-1376.