Income Verification Services v 2.0 - Privacy impact assessment summary

Information and Relationship Management Directorate, Service Innovation and Integration Branch

Overview & PIA initiation

Government institution

Canada Revenue Agency

Government official responsible for the PIA

Mireille Laroche
Assistant Commissioner
Service Innovation and Integration Branch

Head of the government institution or Delegate for section 10 of the Privacy Act

Marie-Claude Juneau
Access to Information and Privacy Directorate

Name of program or activity of the government institution

Tax Services and Processing and Benefit Programs

Description of the class of record and personal information bank

Standard or institution specific class of record:

Standard or institution specific personal information bank:

Legal authority for program or activity

Section 241 of the Income Tax Act allows the CRA to provide certain taxpayer information to any person, including a federal, provincial or territorial official, with the consent of the taxpayer. The legal authority that allows the provincial, territorial or federal government department to collect personal information and enter into an agreement with the CRA is specified in each written agreement. 

Summary of the project / initiative / change

Overview of the program or activity

To be eligible for various provincial/territorial and federal income assistance programs, applicants are required to provide verification of income.  Examples of programs include drug cost assistance, housing, student loans and grants, etc.

The CRA provides reliable and timely information to assist with these income-tested programs. Upon the consent of the applicant, the CRA will provide the required income verification electronically to the partner government entity.  In addition to providing the information required to verify or to determine an applicant’s eligibility for assistance, the electronic transmission process shortens the applicant’s waiting time for the receipt of the benefit or assistance.

Only the agreed upon, and the minimum number of data fields are provided to the partner by the CRA, thus addressing confidentiality and privacy concerns.

Taxpayers are positively impacted due to the convenience of not having to provide income verification documents to the program administrator, and by the timeliness of the receipt of the benefit.

Due to the decrease in taxpayer requests for notices of assessments, the CRA sees significant cost savings.

Partners in the program have access to the required taxpayer information as and when required. Therefore, they are able to serve their applicants more efficiently and effectively.

What’s new

New Income Verification partners have been added to the PIA to reflect new programs to which the CRA may exchange information with Provincial and Territorial clients.

Scope of the privacy impact assessment

Written collaborative arrangements are in place with each government entity to which the CRA provides income verification. Each agreement includes the legislation which allows the exchange, security standards for the handling, storage, and destruction of information, a copy of the CRA-approved consent, the listing of data fields which will be provided to the partner, the conditions and procedures for the provision of taxpayer information, conditions regarding retention and security, financial arrangements, and the designated officials from each partner and their roles and responsibilities. Each agreement is accompanied by a security questionnaire which is reviewed and approved by the Security and Internal Affairs Directorate. There is an internal audit clause included in each agreement, which stipulates that a periodic review must be conducted by the partner with respect to confidentiality and security of information provided by the CRA.

This PIA focuses on the income verification services provided to these other federal or provincial/territorial government departments. Excluded from the scope of this PIA are the established CRA programs that are the source of the information. These programs are the object of individual PIAs.

Risk identification and categorization

A) Type of program or activity

Compliance / Regulatory investigations and enforcement

Level of risk to privacy: 3

Details: The personal information collected is used mainly for the administration of the GST/HST program (e.g. identification purposes, processing returns, rebates, and elections, collecting revenue, issuing payments, and providing support to clients) in order to determine the correct amount of GST/HST owing on the account and to prevent the issuance of unwarranted refunds and rebates.

During our select processes we link information from other revenue lines and/or programs to the information on a registrant’s GST/HST return. For example, when looking at a sole proprietor’s account, we gather the SIN and/or names to match from the T1 data, in order to compare them to the individual’s GST/HST account. In addition, the GST/HST program conducts limited reviews, and verifications/validations, and reassesses files (returns, rebate claims).

B) Type of personal information involved and context

Social insurance number, medical, financial or other sensitive personal information and/or the context surrounding the personal information is sensitive. Personal information of minors or incompetent individuals or involving a representative acting on behalf of the individual.

Level of risk to privacy: 3

Details: The GST/HST program relies on information collected to assess files (returns, rebate claims, and elections). Personal information collected from taxpayers includes details such as name, contact information, financial information and signature, in order to validate a person’s identity. Information is also collected verbally with questions in order to ensure the confidentiality test is passed, before discussing individual tax matters.

The SIN is used for identification purposes. For example, to properly identify a claimant in order to ensure eligibility for rebates such as: 

The GST/HST program also collects financial information to complete requests for direct deposit of approved refund/rebate amounts. Direct deposit of credits owed is a service offered to clients.

C) Program or activity partners and private sector involvement

Private sector organizations or international organizations or foreign governments 

Level of risk to privacy: 4

Details: Information may be collected from and shared with participating provincial partners and other federal institutions. For example, Global Affairs Canada (GAC) provides monthly arrival/departure reports which lists the name, diplomat number, date of entry/exit, and country. We need this information to determine eligibility of GST/HST Rebate Applications for Foreign Representatives, Diplomatic Missions, Consular Posts, International Organizations, or Visiting Forces Units. For example, we need the date of entry/exit in the event the applicant submits a claim outside the eligibility period. We also require the applicant's country of origin as the reciprocal agreement varies, depending on the country. Global Affairs Canada (GAC) also validates/verifies addresses and spouse/dependants. If a client has a problem with their assessment, they often contact Global Affairs Canada (GAC) as an intermediary between themselves and CRA.

Information and procedures are also shared with Revenu Québec as they are responsible for administering the GST within the province of Quebec. 

Private sector involvement includes external third parties that may be used to identify or clarify missing information on GST/HST rebate applications. For example, a builder who credits a rebate amount to the home purchaser (claimant) at the time of purchase may be contacted to clarify details on the application that is subsequently submitted.

D) Duration of the program or activity: Long-term program

Long-term program

Level of risk to privacy: 3

Details: GST was established in 1991. The GST/HST program is an existing long-term program with no anticipated sunset date. Although certain return, rebate, or election types processed by CRA may be transitional in nature with an established sunset date, the program as a whole is long-term. 

E) Program population

The program affects certain individuals for external administrative purposes. 

Level of risk to privacy: 3

Details: The GST/HST program affects businesses and individuals, both registrants and non-registrants, who have filed or not filed (but may be required to) a return, rebate, or election related to the GST/HST program. 

F) Technology & privacy

Does the new or modified program or activity involve the implementation of a new electronic system, software or application program including collaborative software (or groupware) that is implemented to support the program or activity in terms of the creation, collection or handling of personal information?

Risk to privacy: No

Details: N/A

Does the new or modified program or activity require any modifications to IT legacy systems and/or services? 

Risk to privacy: No

Details: N/A

The new or modified program or activity involves the implementation of one or more of the following technologies: 

Enhanced identification methods

This includes biometric technology (i.e. facial recognition, gait analysis, iris scan, fingerprint analysis, voice print, radio frequency identification (RFID), etc...) as well as easy pass technology, new identification cards including magnetic stripe cards, "smart cards" (i.e. identification cards that are embedded with either an antenna or a contact pad that is connected to a microprocessor and a memory chip or only a memory chip with non-programmable logic).

Risk to privacy: No

Details: N/A

Use of Surveillance

This includes surveillance technologies such as audio/video recording devices, thermal imaging, recognition devices , RFID, surreptitious surveillance / interception, computer aided monitoring including audit trails, satellite surveillance etc.

Risk to privacy: No

Details: N/A

Use of automated personal information analysis, personal information matching and knowledge discovery techniques

For the purposes of the Directive on PIA, government institutions are to identify those activities that involve the use of automated technology to analyze, create, compare, identify or extract personal information elements. Such activities would include personal information matching, record linkage, personal information mining, personal information comparison, knowledge discovery, information filtering or analysis. Such activities involve some form of artificial intelligence and/or machine learning to uncover knowledge (intelligence), trends/patterns or to predict behavior.

Risk to privacy: Yes

Details: Using file transfer protocol with Entrust encryption software, the federal, provincial or territorial partner gives the CRA information, such as the given name, surname, social insurance number and date of birth, to validate an individual’s identity. To get a high accuracy rating, the social insurance number and two of the three other elements must match. Once a match is made, the CRA sends the partner the type and number of data fields they agreed upon, using the same file transfer protocol.

G) Personal information transmission

The personal information is transmitted using wireless technologies.

Level of risk to privacy: 2

Details: Personal information is pulled from the CRA’s mainframe system and is sent to the partner organization using file transfer protocol with Entrust encryption software.

H) Risk impact to the individual or employee

Details: A compromise of personal data has the potential to cause financial harm and embarrassment to the individual.

Page details

Date modified: