Annual Report to Parliament on the Administration of the Privacy Act – 2022-23

Introduction

The Privacy Act protects the privacy of individuals with respect to their personal information held by government institutions. It establishes the rules for the collection, use, disclosure, retention and disposal of such information. It also provides individuals with a right to be given access to, and to request a correction of, their personal information.

Shared Services Canada (SSC) is pleased to submit to Parliament its twelfth Annual Report on the Administration of the Privacy Act. This report is prepared and tabled in Parliament in accordance with section 72 of the Act. It covers the period from April 1, 2022, to March 31, 2023.

Institutional Mandate

SSC was created in 2011 to transform how the Government of Canada managed and secured its information technology (IT) infrastructure.

SSC supports the Government of Canada’s digital vision to expand and improve the scope of digital service capacity, accelerate the pace of digital modernization and strengthen the ongoing support for digital tools, systems and networks government-wide.

In carrying out its mandate, SSC is supporting the Digital Operations Strategic Plan and the Government of Canada Cloud Adoption Strategy. It is also working in partnership with public-and private-sector stakeholders, implementing enterprise-wide approaches for managing IT infrastructure services and employing effective and efficient business management processes.

Delegated Authority

The Minister of Public Services and Procurement is responsible for handling requests submitted under the Privacy Act. Pursuant to subsection 73(1) of the Act, the Minister has delegated full powers, duties and functions to members of the Department’s senior management, including the Director and the Deputy Directors of the Access to Information and Privacy (ATIP) Protection Division, hereafter referred to as the ATIP Division (refer to Annex A).

ATIP Division Structure

ATIP Division Structure image

The ATIP Division is part of the Corporate Secretariat, which is overseen by the Director General, Corporate Secretary and Chief Privacy Officer, situated within the Strategy and Engagement Branch (SEB).

The Division administers the Access to Information Act (ATIA) and the Privacy Act, led by a Director who acts as the ATIP Coordinator for the Department. Two units carry out the work under two Deputy Directors, one leading the Operations Unit and the other, the Policy and Governance Unit. While an average of 23 person years were dedicated to the ATIP program, 6 person-years were dedicated to the administration of the Privacy Act. These person years include full time equivalents and students.

The Operations Unit is responsible for processing requests under both Acts. This includes, but is not limited to, the following:

The Policy and Governance Unit is responsible for, but is not limited to, the following:

The ATIP Division’s administration of the Acts is facilitated at the branch and the directorate level of SSC. This would not be possible without the large number of employees across the Department who identify and review information to respond to requests.

SSC was not party to any service agreements under section 73.1 of the Privacy Act during the reporting period.

Performance 2022–2023

The Statistical Report (Annex B) on the administration of the Privacy Act provides a summary of the personal information requests and consultations processed during the 2022–2023 reporting period.

Requests Received

SSC received 65 requests submitted under the Privacy Act between April 1, 2022, and March 31, 2023. This total represents an increase of 14 percent from the previous year. Eleven requests were carried forward from 2021–2022 for a total of 76 requests for the reporting period. Privacy requests received were mainly from SSC employees seeking human resources-related information such as staffing competitions and email exchanges with specific criteria.

SSC processed 72 privacy requests and carried over 4 requests to the next reporting period. One carried-over request received in 2022–2023 is within the legislated timeline, and 3 requests are beyond the legislated timeline.

The ATIP Division experienced a slight increase in the number of pages processed at 37,198 pages for 2022–2023. There was a 1 percent increase in pages disclosed from last year.

It is important to note that SSC achieved a compliance rate of 91.6 percent. Although this is a slight decrease from the previous report’s 95.7 percent, SSC is above the community average.

The ATIP Division continues to ensure it monitors its turnaround times in processing requests on a regular basis, and tracks the timeliness of their completion.

The Policy and Governance Unit closed 60 Privacy Advice (PA) files during the year. PA files consist of privacy advice that was provided to program areas, employees and other departments. The advice was provided on various types of initiatives, such as the vaccination policy, surveys, privacy questions, disclosures and procedures. The Unit experienced a 38.7 percent decrease from the previous reporting period. Although SSC experienced a decrease in privacy advice pieces from 2021–2022, the advice provided in the current reporting period pertained to new platforms and initiatives that were more complex in nature. For example, the implementation of the hybrid work model led to the adoption of new technologies to support a hybrid workforce.

Privacy Requests received and processed
Privacy requests – Text version
Privacy Requests
Fiscal Year Received Processed
2022-23 65 72
2021-22 56 47
2020-21 59 60
2019-20 92 92
2018-19 113 115
2017-18 90 90

Disposition of Requests Completed

Of the 72 privacy requests completed, SSC released records in full in 4 cases (6 percent).

The Division observed an influx of requests with higher complexity subjects, such as grievance and harassment investigations that require detailed analysis. Furthermore, in the increasingly digital environment, a request can generate thousands of pages of records, owing to the large numbers of emails and other electronic documents. The Department invoked exemptions in 21 requests (29 percent). Of the remaining 51 requests (71 percent), either no records existed or the request was abandoned. SSC has 11 active carried-over requests from 2021–2022.

Extensions

Section 15 of the Privacy Act allows the statutory time limits to be extended under certain circumstances, such as when consultations are required, if translation is needed or if the request is for a large volume of records and processing it within the original time limit would unreasonably interfere with the operations of the Department. In 2022–2023, SSC invoked a total of 17 extensions. These extensions were invoked to provide sufficient processing time, owing to the increased volume of records. In some instances, the extensions were deemed necessary for external consultations such as Legal Services.

Completion Time

The Privacy Act sets the timelines for responding to privacy requests. It also allows for extensions in cases where responding to the request requires the review of a large volume of information or extensive when consultations with other government institutions or other third parties are needed. SSC responded to 55 requests (76 percent) within 30 days or fewer, and a further 10 requests (14 percent) within 31 to 60 days. The Department completed 3 requests (4 percent) within 61 to 120 days and 4 requests between 121 and 365 days.

Graph of completion time
Completion Time – Text version
Completion time 30 days or less 31 to 60 days 61 to 120 days 121 to 365 days
Percentage of requests completed 76% 14% 4% 6%

Exemptions

The Privacy Act allows, and in some instances requires, that some personal information is exempted and not released. For example, personal information may be exempted when it relates to law enforcement investigations, pertains to another individual besides the requester or is subject to solicitor client privilege.

The majority of exemptions applied by SSC related to section 26, which protects personal information. That section was applied in 26 instances. Paragraph 22(1)(b) (law enforcement and criminal investigations) was used in 6 instances, and section 27 was applied in 3 instances.

Exclusions

The Privacy Act does not apply to information that is already publicly available, such as government publications and material in libraries and museums. It also excludes material such as Cabinet Confidences. The ATIP Division did not apply any exclusions under the Act during the reporting period.

Consultations

No consultation requests under the Privacy Act were received at SSC from other departments.

Internal Consultations

Branches within SSC will send documents to the ATIP Division to be reviewed in the spirit of the Privacy Act. These documents are typically complex in nature and may include labour relations documents, audit reports, documents to be proactively disclosed and consultations related to internal policies. During the 2022–2023 reporting period, SSC completed 35 internal consultations and reviewed a total of 2,066 pages. This represents an increase of 45 percent for completed requests and a decrease of 36 percent in pages reviewed.

Challenges

The ATIP Division continued working full-time during the third reporting period of the pandemic. Our accomplishments included adapting and improving all processes to continue to respond to requests from the Canadian public.

The ATIP Division was able to achieve these accomplishments while facing many challenges. Listed below are some of the major challenges faced by the Division, and what was done to overcome them:

Complaints, Audits and Investigations

SSC was subject to 2 complaints under section 35 of the Privacy Act during the reporting period. There are no outstanding complaints from the previous reporting period. In addition, there were no audits involving the Department conducted by the OPC. SSC did not receive any notices of investigation from the OPC pursuant to section 31 of the Privacy Act.

Monitoring Compliance

The Division implemented various internal procedures to ensure that privacy requests are processed in a timely and efficient manner. For example, the team monitors workloads and progress on privacy requests. This provided for timely adjustment as needed.

In 2022–2023, SSC did not receive any requests to correct personal information under the Privacy Act.

Public Interest Disclosure

Paragraph 8(2)(m) of the Privacy Act allows the head of the institution to disclose personal information without the consent of the affected individual in cases where, in the opinion of the head of the institution, the public interest outweighs any invasion of privacy that could result from the disclosure or when it is clearly in the best interest of the individual to disclose. For 2022–2023 , SSC did not disclose any personal information under this paragraph.

Training and Awareness

The Division is dedicated to fostering a culture of ATIP excellence across SSC. As a result, the Division continues to develop and deliver training and awareness activities aimed at more openness and transparency throughout the Department. ATIP employees participated in many training sessions and conferences to broaden the knowledge of the entire Division. Four employees attended the Canadian Access and Privacy Association Conference and 15 employees attended a three-part training session about access to information, case studies and privacy impact assessments.

Mandatory Training

In order to ensure that all SSC employees, regardless of their position or level, are made aware of their responsibilities related to ATIP and that they gain an in-depth understanding of the related best practices and principles, SSC launched, in collaboration with the Canada School of Public Service, the online Access to Information and Privacy Fundamentals course (I015) on July 14, 2016. While this course is optional for all public service employees through the Canada School of Public Service website, its completion has been made mandatory for all SSC employees. For this reporting period, 1,290 employees successfully completed the course. This represents a 20.7 percent increase from the previous reporting period where 1,069 employees completed the course.

ATIP 101 Internal Training

The ATIP Division continued to adapt their training from in-person to online. The trainers delivered 4 internal training and awareness sessions to approximately 37 participants, which included SSC executives, managers and employees at all levels. The number of participants who received training this reporting period decreased by 86 percent. In the previous year, 269 employees participated in training. The ATIP 101 training is not mandatory. The Division promotes training in various ways internally and deliver it when we have participants that have signed up for specific sessions. The Division endeavours to find ways to increase participation as training is an important contributor to the continued success of ATIP management at SSC.

Tasking Request Training

The purpose of this training is to inform all SSC employees of their roles and responsibilities related to ATIP requests, with a focus on how to correctly respond to a request tasked to an office of primary interest. The trainers delivered 2 internal training and awareness sessions to approximately 15 participants in 2022–2023.

Privacy Breach Training

The Division delivered 3 Privacy Breach training sessions over the course of 2022–2023. A total of 17 employees attended this course. This training serves to promote privacy best practices and advise employees of their privacy obligations to avoid the creation of privacy breaches.

Privacy Impact Assessment Training

In order for program areas to understand the Privacy Impact Assessment (PIA) process, the ATIP Policy and Governance Unit developed PIA training. Multiple sessions were made available to SSC employees. During the reporting period, none were delivered, owing to the lack of enrolment. PIAs are a specific privacy assessment required by TBS in certain circumstances. They are not required often, so it was expected that the numbers of sessions would be limited. The Division has now incorporated the training as part of the PIA process in order to provide support before any PIA is started. Next year’s number of sessions delivered is expected to reflect this change.

Mentoring

The ATIP Division takes innovation very seriously and focuses on the personal development of its employees. The Division has established learning sessions where a variety of topics are discussed. Experienced employees in the ATIP Division provide guidance and support to new employees by helping them navigate the culture, answering any questions and helping them learn the necessary skills to succeed. By investing in mentoring, we can improve employee retention and foster a culture of continuous learning and development.

Data Privacy Day

On January 28, 2022, SSC celebrated Data Privacy Day to raise awareness and demonstrate the importance of privacy and the protection of personal information in day-to-day activities. The ATIP Division developed communiqués, published content on social media by senior leaders and promoted privacy training through SSC’s internal communication network. Material was disseminated through Twitter, LinkedIn and internal communication channels.

Policies, Guidelines, Procedures and Initiatives

To maintain a high standard of excellence and to continually improve customer services under the Privacy Act, the Policy and Governance Unit undertook the following initiatives:

Initiatives and Projects to Improve Privacy

Summary of Key Issues and Action Taken on Complaints

From the time a request is received, the Division works with requesters to fully understand the request to reduce the processing time and ensure the relevancy of the records provided. In addition, the Division has taken diverse actions to keep the number of complaints at a minimum. For instance, the Division regularly revises its procedures to improve performance and reduce the response time to provide improved service to Canadians.

ATIP analysts receive ongoing training on the complaints process and the handling of complaints received from the OPC. The Division has established a streamlined process for handling complaints where the Deputy Director, Operations Unit, is responsible for providing representations to the OPC. The Director and Deputy Director, Operations Unit continue to work closely with the OPC in resolving complaints.

SSC received two complaints relating to time delays during this reporting period. In order to resolve complaint issues, the ATIP Division provided rolling interim releases when possible to start giving requesters information more rapidly.

Material Privacy Breaches

A privacy breach refers to the improper or unauthorized access, collection, use, disclosure, retention or disposal of personal information. A material breach involves sensitive personal information that could reasonably be expected to cause serious injury or harm to the individual. During the reporting period, no material breaches occurred or were reported to the OPC.

The ATIP Division monitors and documents all privacy breaches reported. The Division also reviews how and where in the Department they occurred to provide tailored privacy breach training to specific groups to promote awareness and increase prevention.

Privacy Impact Assessments

During the reporting period, one PIA was completed. The Enterprise IT Service Management (ITSM) initiative is an SSC-led project under the Service Management Branch (SMB) Portfolio, which is a multi-year project to establish an enterprise-wide state-of-the-art ITSM solution as a replacement for SSC’s current enterprise ITSM tool, Enterprise Control Desk (ECD). This project will directly support Service Management and other program initiatives by providing an enterprise ITSM tool solution to be configured and deployed to production by a vendor.

At the end of 2022–2023 , 2 PIAs were at various stages of the approval process. They will be reflected in future reports.

SSC continued its collaboration with other departments by sharing the Digital Communications and Collaboration Solution (DCC) PIA. The Policy and Governance Unit completes privacy risk checklists (PRC), which allows the team to determine if a PIA is required. During this reporting period, 39 were completed and 7 were carried over to the next fiscal year. PRC’s assesses new programs and initiatives used in the department, as well as SSC’s partners, in the collection, use, disclosure, storage and retention period of personal information. There was an 18 percent increase in privacy risks checklists this reporting period compared to last year. The increase could be explained by years of collaboration and increased awareness within SSC.

Annex A – Delegation Order

Shared Services Canada

Access to Information Act and Privacy Act Delegation Order

The Minister of Digital Government, pursuant to subsection 95(1) of the Access to Information Act and subsection 73(1) of the Privacy Act, hereby designates the persons holding the positions set out in the schedule hereto, or the persons occupying on an acting basis those positions, to exercise the powers, duties and functions of the Minister as the head of Shared Services Canada, under the provisions of the acts and related regulations set out in the schedule opposite each position.

This designation replaces all previous delegation orders.

Schedule
Position Access to Information Act and Regulations Privacy Act and Regulations
1. President Full authority Full authority
2. Executive Vice President Full authority Full authority
3. Assistant Deputy Minister, Strategy and Engagement Branch Full authority Full authority
4. Corporate Secretary and Chief Privacy Officer Full authority Full authority
5. Director, Access to Information and Privacy Protection Division Full authority Full authority
6. Deputy Directors, Operations and Policy and Governance, Access to Information and Privacy Protection Division Full authority Full authority

Dated, at Ottawa,
this 6th day of January, 2023

The Honourable Helena Jaczek
Minister of Public Services and Procurement and Head of Shared Services Canada

Annex B — Statistical Report

Statistical Report on the Privacy Act

Name of institution: Shared Services Canada

Reporting period: 2022-04-01 to 2023-03-31

Section 1: Requests under the Privacy Act

1.1 Number of requests

Number of requests
Received during the reporting period 65
Outstanding from the previous reporting period 11
  • Outstanding from previous reporting period
11
  • Outstanding from more than one reporting period
0
Total 76
Closed during the reporting period 72
Carried over to the next reporting period 4
  • Carried over within legislated timeline
3
  • Carried over beyond legislated timeline
1

1.2 Channels of requests

Source Number of requests
Online 57
E-mail 2
Mail 6
In person 0
Phone 0
Fax 0
Total 65

Section 2: Informal Requests

2.1 Number of Informal Requests

Number of requests
Received during the reporting period 0
Outstanding from the previous reporting period 0
  • Outstanding from previous reporting period
0
  • Outstanding from more than one reporting period
0
Total 0
Closed during the reporting period 0
Carried over to the next reporting period 0

2.2 Channels of Informal Requests

Source Number of requests
Online 0
E-mail 0
Mail 0
In person 0
Phone 0
Fax 0
Total 0

2.3 Completion Time of Informal Requests

Completion Time
1 to 15 Days 16 to 30 Days 31 to 60 Days 61 to 120 Days 121 to 180 Days 181 to 365 Days More Than 365 Days Total
0 0 0 0 0 0 0 0

2.4 Pages Released Informally

Less than 100 pages released 100-500 pages released 501-1000 pages released 1001-5000 pages released More than 5000 pages released
Number of requests Pages released Number of requests Pages released Number of requests Pages released Number of requests Pages released Number of requests Pages released
0 0 0 0 0 0 0 0 0 0

Section 3: Requests Closed During the Reporting Period

3.1 Disposition and Completion Time

Disposition of requests Completion time
1 to 15 Days 16 to 30 Days 31 to 60 Days 61 to 120 Days 121 to 180 Days 181 to 365 Days More Than 365 Days Total
All disclosed 2 1 1 0 0 0 0 4
Disclosed in part 0 5 9 3 0 4 0 21
All exempted 0 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0
No records exist 41 0 0 0 0 0 0 41
Request abandoned 6 0 0 0 0 0 0 6
Neither confirmed nor denied 0 0 0 0 0 0 0 0
Total 49 6 10 3 0 4 0 72

3.2 Exemptions

Section Number of requests Section Number of requests Section Number of requests
18(2) 0 22(1)(a)(i) 0 23(a) 0
19(1)(a) 0 22(1)(a)(ii) 0 23(b) 0
19(1)(b) 0 22(1)(a)(iii) 0 24(a) 0
19(1)(c) 0 22(1)(b) 6 24(b) 0
19(1)(d) 0 22(1)(c) 0 25 0
19(1)(e) 0 22(2) 0 26 26
19(1)(f) 0 22.1 0 27 3
20 0 22.2 0 27.1 0
21 0 22.3 0 28 0
22.4 0

3.3 Exclusions

Section Number of requests Section Number of requests Section Number of requests
69(1)(a) 0 70(1) 0 70(1)(d) 0
69(1)(b) 0 70(1)(a) 0 70(1)(e) 0
69.1 0 70(1)(b) 0 70(1)(f) 0
70(1)(c) 0 70.1 0

3.4 Format of Information Released

Paper Electronic Other
E-record Data set Video Audio
0 25 0 0 0 0

3.5 Complexity

3.5.1 Relevant Pages Processed and Disclosed for Paper and e-Record Formats
Number of pages processed Number of pages disclosed Number of requests
37198 7199 31
3.5.2 Relevant pages processed by request disposition for paper and e-record formats by size of requests
Disposition 100 pages or less processed 100-500 pages processed 501-1000 pages processed 1,001-5,000 pages processed More than 5,000 pages processed
Number of requests Pages processed Number of requests Pages processed Number of requests Pages processed Number of requests Pages processed Number of requests Pages processed
All disclosed 2 22 2 539 0 0 0 0 0 0
Disclosed in part 2 120 7 1829 4 2515 5 11089 3 21084
All exempted 0 0 0 0 0 0 0 0 0 0
All excluded 0 0 0 0 0 0 0 0 0 0
Request abandoned 6 0 0 0 0 0 0 0 0 0
Neither confirmed nor denied 0 0 0 0 0 0 0 0 0 0
Total 10 142 9 2368 4 2515 5 11089 3 21084
3.5.3 Relevant minutes processed and disclosed for audio formats
Number of minutes processed Number of minutes disclosed Number of requests
0 0 0
3.5.4 Relevant minutes processed per request disposition for audio formats by size of requests
Disposition Less than 60 minutes processed 60 – 120 minutes processed More than 120 minutes processed
Number of requests Minutes processed Number of requests Minutes processed Number of requests Minutes processed
All disclosed 0 0 0 0 0 0
Disclosed in part 0 0 0 0 0 0
All exempted 0 0 0 0 0 0
All excluded 0 0 0 0 0 0
Request abandoned 0 0 0 0 0 0
Neither confirmed nor denied 0 0 0 0 0 0
Total 0 0 0 0 0 0
3.5.5 Relevant minutes processed and disclosed for video formats
Number of minutes processed Number of minutes disclosed Number of requests
72 72 2
3.5.6 Relevant Minutes Processed per Request Disposition for Video Formats by Size of Requests
3.5.6 Relevant Minutes Processed per Request Disposition for Video Formats by Size of Requests
Disposition Less than 60 minutes processed 60 – 120 minutes processed More than 120 minutes processed
Number of requests Minutes processed Number of requests Minutes processed Number of requests Minutes processed
All disclosed 0 0 2 72 0 0
Disclosed in part 0 0 0 0 0 0
All exempted 0 0 0 0 0 0
All excluded 0 0 0 0 0 0
Request abandoned 0 0 0 0 0 0
Neither confirmed nor denied 0 0 0 0 0 0
Total 0 0 2 72 0 0
3.5.7 Other Complexities
Disposition Consultation required Legal advice sought Interwoven Information Other Total
All disclosed 0 0 0 0 0
Disclosed in part 4 2 1 0 7
All exempted 0 0 0 0 0
All excluded 0 0 0 0 0
Request abandoned 0 0 0 0 0
Neither confirmed nor denied 0 0 0 0 0
Total 4 2 1 0 7

3.6 Closed Requests

3.6.1 Number of Requests Closed Within Legislated Timelines
Number of requests closed within legislated timeline 66
Percentage of requests closed within legislated timelines (%) 91.6666667

3.7 Deemed Refusals

3.7.1 Reasons for not meeting legislated timelines
Number of requests closed past the legislated timelines Principal reason
Interference with operations/ Workload External consultation Internal consultation Other
6 5 0 1 0
3.7.2 Request closed beyond legislated timelines (including any extension taken)
Number of days past legislated timelines Number of requests past legislated timeline where no extension was taken Number of requests past legislated timeline where an extension was taken Total
1 to 15 days 0 6 6
16 to 30 days 0 0 0
31 to 60 days 0 0 0
61 to 120 days 0 0 0
121 to 180 days 0 0 0
181 to 365 days 0 0 0
More than 365 days 0 0 0
Total 0 6 6

3.8 Requests for Translation

Translation requests Accepted Refused Total
English to French 0 0 0
French to English 0 0 0
Total 0 0 0

Section 4: Disclosures Under Subsections 8(2) and 8(5)

Paragraph 8(2)(e) Paragraph 8(2)(m) Subsection 8(5) Total
0 0 0 0

Section 5: Requests for Correction of Personal Information and Notations

Disposition for correction requests received Number
Notations attached 0
Requests for correction accepted 0
Total 0

Section 6: Extensions

6.1 Reasons for extensions

Number of extensions taken 15(a)(i) Interference with operations 15(a)(ii) Consultation 15(b) Translation purposes or conversion
Further review required to determine exemptions Large volume of pages Large volume of requests Documents are difficult to obtain Cabinet Confidence Section (Section 70) External Internal
17 0 14 0 0 0 3 0 0

6.2 Length of extensions

Length of Extensions 15(a)(i) Interference with operations 15(a)(ii) Consultation 15(b)Translation purposes or conversion
Further review required to determine exemptions Large volume of pages Large volume of requests Documents are difficult to obtain Cabinet Confidence Section (Section 70) External Internal
1 to 15 days 0 0 0 0 0 0 0 0
16 to 30 days 0 14 0 0 0 3 0 0
31 days or greater 0
Total 0 14 0 0 0 3 0 0

Section 7: Consultations received from other institutions and organizations

7.1 Consultations Received from Other Government of Canada Institutions and Organizations

Consultations Other Government of Canada institutions Number of pages to review Other organizations Number of pages to review
Received during the reporting period 0 0 0 0
Outstanding from the previous reporting period 0 0 0 0
Total 0 0 0 0
Closed during the reporting period 0 0 0 0
Carried over within negotiated timelines 0 0 0 0
Carried over beyond negotiated timelines 0 0 0 0

7.2 Recommendations and completion time for consultations received from other Government of Canada institutions

Recommendation Number of days required to complete consultation requests
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
Disclosed entirely 0 0 0 0 0 0 0 0
Disclose in part 0 0 0 0 0 0 0 0
Exempt entirely 0 0 0 0 0 0 0 0
Exclude entirely 0 0 0 0 0 0 0 0
Consult other institution 0 0 0 0 0 0 0 0
Other 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0

7.3 Recommendations and completion time for consultations received from other organizations outside the Government of Canada

Recommendation Number of days required to complete consultation requests
1 to 15 days 16 to 30 days 31 to 60 days 61 to 120 days 121 to 180 days 181 to 365 days More than 365 days Total
Disclosed entirely 0 0 0 0 0 0 0 0
Disclosed in part 0 0 0 0 0 0 0 0
Exempted entirely 0 0 0 0 0 0 0 0
Excluded entirely 0 0 0 0 0 0 0 0
Consult other institution 0 0 0 0 0 0 0 0
Other 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0

Section 8: Completion time for consultations on Cabinet Confidences

8.1 Requests with Legal Services

Number of Days Fewer Than 100 Pages Processed 100-500 pages processed 501-1000 pages processed 1,001-5,000 pages processed More than 5,000 pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed
1 to 15 0 0 0 0 0 0 0 0 0 0
16 to 30 0 0 0 0 0 0 0 0 0 0
31 to 60 0 0 0 0 0 0 0 0 0 0
61 to 120 0 0 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0 0 0
8.2 Requests with the Privy Council Office
Number of Days 100 pages or less processed 100-500 pages processed 501-1000 pages processed 1,001-5,000 pages processed More than 5,000 pages processed
Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed Number of requests Pages disclosed
1 to 15 0 0 0 0 0 0 0 0 0 0
16 to 30 0 0 0 0 0 0 0 0 0 0
31 to 60 0 0 0 0 0 0 0 0 0 0
61 to 120 0 0 0 0 0 0 0 0 0 0
121 to 180 0 0 0 0 0 0 0 0 0 0
181 to 365 0 0 0 0 0 0 0 0 0 0
More than 365 0 0 0 0 0 0 0 0 0 0
Total 0 0 0 0 0 0 0 0 0 0

Section 9: Complaints and Investigations Notices Received

Section 31 Section 33 Section 35 Court action Total
0 0 2 0 2

Section 10: Privacy Impact Assessments (PIAs) and Personal Information Banks (PIBs)

10.1 Privacy Impact Assessments

Number of PIAs completed 0
Number of PIAs modified 1

10.2 Institution-Specific and Central Personal Information Banks

Personal information banks Active Created Terminated Modified
Institution-Specific 0 0 0 0
Central 0 0 0 0
Total 0 0 0 0

Section 11: Privacy Breaches

11.1 Material Privacy Breaches reported

Number of material privacy breaches reported to TBS 0
Number of material privacy breaches reported to OPC 0

11.2 Non-Material Privacy Breaches

Number of non-material privacy breaches 21

Section 12: Resources related to the Privacy Act

12.1 Allocated Costs

Expenditure Amount
Salaries $472,716
Overtime $0
Goods and services $128,469
  • Professional services contracts
$0 -
  • Other
$128,469
Total $601,185

12.2 Human Resources

Resources Person years dedicated to Access to Privacy activities
Full-time employees 4.730
Part-time and casual employees 0.180
Regional staff 0.000
Consultants and agency personnel 0.000
Students 0.600
Total 5.510

Note: Enter values to three decimal places.

Page details

Date modified: