ATIP Privacy Breach Risk Impact Instrument

Privacy Breach Management Tools

Notice: The purpose of this ATIP Privacy Breach Risk Impact Instrument is to assist the Access to Information and Privacy (ATIP) Division, the Chief Privacy Officer and/or the Departmental Security Officer in determining who needs to be notified in the event of a privacy breach.

Context

Number of affected individual(s) (scope):

Sensitivity of the information (context):

Type of personal information

  • Name
  • Biographical information
  • Biometric information
  • Citizenship status
  • Contact information
  • Credit information
  • Criminal checks/history
  • Date of birth
  • Date of death
  • Educational information
  • Employment equity information
  • Employee identification
  • Employee personnel information
  • Financial information
  • Medical information
  • Physical attributes
  • Place of birth
  • Place of death
  • Signature
  • Social Insurance Number
  • Other identification numbers
  • Other

Comments:

Expectation of the individual (context)

  • Is there a privacy statement? Is it clear and comprehensive (e.g., does it list the statutory authority for the collection, the right to refuse, and the right of access and correction)?
  • Was the use and disclosure in accordance with the purpose of initial collection (e.g., statistical, program administration)?
  • Was consent given to preclude some or all types of disclosure? (Note that consent does not replace authority to collect.)
  • Are there disclosure provisions to third parties (e.g., is there a commitment not to disclose information unless authorized)?
  • Are disclosures accurately reflected in a Personal Information Bank published in Info Source?
  • Other

Comments:

Part A: Risk Impact to Individual(s)

Impact Categories

  1. Financial Loss
    • Identity theft or fraud
    • Inconvenience due to changing financial arrangements
    • Loss of wages, of a job, or of employment opportunities (e.g., loss of a promotion)
    • Loss of business opportunities
    • Increased cost or loss of insurance
    • Pension loss
    • Other
    Identify the probability of the financial impact occurrence:
    • N/A
    • Rare
    • Unlikely
    • Likely
    • Very Likely
    • Almost Certain

    Comments:

  2. Health
    • Physical safety (security risk)
    • Physiological impact (loss of sleep, stomach problems, heart attack, long-term medication regime)
    • Psychological impact (stress, breakdown of relationships)
    • Other
    Identify the probability of the health impact occurrence:
    • N/A
    • Rare
    • Unlikely
    • Likely
    • Very Likely
    • Almost Certain

    Comments:

  3. Reputation
    • Hurt, humiliation or embarrassment
    • Discrimination
    • Loss of professional standing
    • Loss of personal standing
    • Other
    Identify the probability of the reputation impact occurrence:
    • N/A
    • Rare
    • Unlikely
    • Likely
    • Very Likely
    • Almost Certain

    Comments:

  4. Legal
    • Civil charges
    • Criminal charges
    • Fines
    • Imprisonment
    • Possible application of foreign laws (potential for disclosure to a foreign government for unrelated use)
    • Other
    Identify the probability of the legal impact occurrence:
    • N/A
    • Rare
    • Unlikely
    • Likely
    • Very Likely
    • Almost Certain

    Comments:

Part A: Risk Impact to Individual(s)—Summary

Recommendations to notify:

  • Affected individuals
  • Office of the Privacy Commissioner (OPC) and the Treasury Board of Canada Secretariat
  • Others

Additional comments:

Part B: Risk Impact to Institution (Government Institutions Involved in the Breach)

Impact Categories

  1. Reputation
    • Call for the resignation of the minister and/or departmental officials
    • Scrutiny by parliamentary officials
    • Increased public scrutiny (Question Period)
    • Criticism by central agencies
    • Funding revisited
    • Internal investigation
    • Loss of public trust
    • National embarrassment
    • Public inquiry
    • Investigation and/or audit by OPC
    • Other
    Identify the probability of recurrence:
    • N/A
    • Rare
    • Unlikely
    • Likely
    • Very Likely
    • Almost Certain

    Comments:

  2. Financial
    • Loss of funding for program(s) or activity
    • Reallocation of resources and assets
    • Changes to Program Activity Architecture
    • Other
    Identify the probability of recurrence:
    • N/A
    • Rare
    • Unlikely
    • Likely
    • Very Likely
    • Almost Certain

    Comments:

  3. Legal
    • Lawsuit or fines
    • Other
    Identify the probability of recurrence:
    • N/A
    • Rare
    • Unlikely
    • Likely
    • Very Likely
    • Almost Certain

    Comments:

  4. National Interest

    Will the breach result in:

    • A threat to public health
    • A threat to public safety
    • A threat to national security
    • A negative impact on federal-provincial-territorial relations
    • A negative impact on international relations
    • Other
    Identify the probability of recurrence:
    • N/A
    • Rare
    • Unlikely
    • Likely
    • Very Likely
    • Almost Certain

    Comments:

  5. Operations

    Will the breach result in:

    • A decrease in uptake of services
    • A decrease in staff morale resulting in decreased productivity and increased turnover
    • Calls for replacing the minister or head
    • Sanction or firing of employees
    • Program redesign or cancellation
    • Relocation of employees
    • Increased administration and overhead
    • Interruption of service delivery
    • Increased public scrutiny negatively affecting business operations
    • Other
    Identify the probability of recurrence:
    • N/A
    • Rare
    • Unlikely
    • Likely
    • Very Likely
    • Almost Certain

    Comments:

Part B: Risk Impact to Institution—Summary

Recommendations for internal notification

  • Departmental Security Officer
  • Senior management
  • Legal
  • Communication
  • Information Management / Information Technology
  • Others

Recommendations for external notification (i.e., to OPC and the Treasury Board of Canada Secretariat)

Recommendations for training (e.g., additional training for employees)

Recommendations for review of procedures or policies

Additional comments (e.g., a Privacy Impact Assessment (PIA) should be conducted if one was never conducted or if an existing PIA is outdated)

Summary

Please include the summaries for Part A and Part B prior to the recommendations to ATIP.

Part A: Risk Impact to Individual(s)

Part B: Risk Impact to Institution

Recommendations to ATIP (these should take into account the sensitivity of the information, the number of affected individuals (i.e., the scope of the breach) and the likelihood of impact)

Heat Sheet for Privacy Breach Impact Risk for the Department

Rows are the impact rating (1 to 5) and columns are the probability rating (A to E); the cell at their intersection is the risk rating for the breach. The cells are grouped into a Low-Risk Zone, a Medium-Risk Zone and a High-Risk Zone.

Probability

  A: Rare (occurs very infrequently)
  B: Unlikely (occurs infrequently)
  C: Likely (occurs occasionally)
  D: Very Likely (occurs frequently)
  E: Almost Certain (occurs continuously)

Impact Rating

  5: Severe      Event consequences require the organization to make a large-scale, long-term realignment of operations, objectives or finances
  4: High        Event consequences can be endured by the organization but could result in significant impact
  3: Medium      Event consequences can be absorbed with proper management to minimize the impact
  2: Low         Event consequences can be absorbed with managed effort
  1: Negligible  Event consequences can be absorbed through normal activity

Risk Rating (impact row by probability column)

  Impact         A: Rare      B: Unlikely  C: Likely    D: Very Likely  E: Almost Certain
  5: Severe      Significant  Major        High         Severe          Severe
  4: High        Moderate     Significant  Major        High            Severe
  3: Medium      Low          Moderate     Significant  Major           High
  2: Low         Negligible   Low          Moderate     Significant     Major
  1: Negligible  Negligible   Negligible   Low          Moderate        Significant
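As an added example (it is not part of the TBS instrument), the Heat Sheet encoded in Python. It reads a risk rating from the matrix exactly as printed, checks every cell against an additive rule (position on the rating scale = impact + probability - 3, clamped to the ends of the scale), which is an observation about the table rather than something the page states, and aggregates per-category assessments from Parts A and B by taking the worst cell, an aggregation rule the instrument itself does not prescribe. The category labels and the sample assessments are constructed for illustration.

```python
"""Heat Sheet risk rating: lookup, closed-form check and worst-cell aggregation.

Added example, not part of the TBS Privacy Breach Risk Impact Instrument.
Matrix cells are copied from the page; the additive rule and the worst-cell
aggregation are this example's own assumptions.
"""
from typing import Dict, Iterable, List, Tuple

# Probability ratings A to E in Heat Sheet order (column index 1..5).
PROBABILITY: Dict[str, int] = {
    "Rare": 1, "Unlikely": 2, "Likely": 3, "Very Likely": 4, "Almost Certain": 5,
}
# Impact ratings 1 to 5 (row index).
IMPACT: Dict[str, int] = {
    "Negligible": 1, "Low": 2, "Medium": 3, "High": 4, "Severe": 5,
}
# Risk ratings that appear in the cells, from lowest to highest.
RATING_SCALE: List[str] = [
    "Negligible", "Low", "Moderate", "Significant", "Major", "High", "Severe",
]
# The matrix as printed: key = impact rating, value = cells for columns A..E.
HEAT_SHEET: Dict[int, List[str]] = {
    5: ["Significant", "Major", "High", "Severe", "Severe"],
    4: ["Moderate", "Significant", "Major", "High", "Severe"],
    3: ["Low", "Moderate", "Significant", "Major", "High"],
    2: ["Negligible", "Low", "Moderate", "Significant", "Major"],
    1: ["Negligible", "Negligible", "Low", "Moderate", "Significant"],
}


def lookup(impact: int, probability: int) -> str:
    """Read the risk rating for (impact row, probability column) from the matrix."""
    if impact not in HEAT_SHEET or not 1 <= probability <= 5:
        raise ValueError(f"impact and probability must be 1..5, got {impact}, {probability}")
    return HEAT_SHEET[impact][probability - 1]


def closed_form(impact: int, probability: int) -> str:
    """Additive rule (observation, not stated by the page): the cell's position on
    RATING_SCALE is impact + probability - 3, clamped to the ends of the scale."""
    idx = max(0, min(len(RATING_SCALE) - 1, impact + probability - 3))
    return RATING_SCALE[idx]


def matrix_is_additive() -> bool:
    """Compare every printed cell with the closed form; a transcription error in
    either one shows up as a False result."""
    return all(lookup(i, p) == closed_form(i, p) for i in HEAT_SHEET for p in range(1, 6))


def rate(impact_name: str, probability_name: str) -> str:
    """Rate one impact category using the instrument's own labels."""
    return lookup(IMPACT[impact_name], PROBABILITY[probability_name])


def worst_case(assessments: Iterable[Tuple[str, str, str]]) -> Tuple[str, str]:
    """Aggregate (category, impact, probability) rows from Parts A and B.
    Assumption (not from the instrument): the highest-rated cell governs.
    Returns (rating, category that produced it); ties keep the first category."""
    best = None
    for category, impact_name, probability_name in assessments:
        rating = rate(impact_name, probability_name)
        rank = RATING_SCALE.index(rating)
        if best is None or rank > best[0]:
            best = (rank, rating, category)
    if best is None:
        raise ValueError("no assessments supplied")
    return best[1], best[2]


# Constructed sample (not a real case): one assessment per category of Parts A and B.
SAMPLE_ASSESSMENTS = [
    ("A1 Financial loss", "High", "Likely"),
    ("A2 Health", "Low", "Unlikely"),
    ("A3 Reputation", "Medium", "Likely"),
    ("A4 Legal", "Low", "Rare"),
    ("B1 Reputation", "Medium", "Very Likely"),
    ("B2 Financial", "Negligible", "Rare"),
]

if __name__ == "__main__":
    assert matrix_is_additive()
    for category, imp, prob in SAMPLE_ASSESSMENTS:
        print(f"{category:<20} impact={imp:<10} probability={prob:<15} -> {rate(imp, prob)}")
    print("Worst case:", worst_case(SAMPLE_ASSESSMENTS))
```

The closed-form check is the useful part when the sheet is re-typed into a spreadsheet or ticketing workflow: any cell that drifts from the published matrix fails `matrix_is_additive()` immediately.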

Potential Impacts to the Organization

For each impact rating, the indicators are grouped by the five impact areas: Reputation and Relationships With Clients and the Public; Legal and Policy Compliance; National Interest, Public Safety and Security; Operations and Capacity to Deliver Programming; and Financial Resources and Assets.

5: Severe

Event consequences require the organization to make a large-scale, long-term realignment of operations, objectives or finances

  Reputation and Relationships With Clients and the Public
  • Complete loss of public trust
  • Embarrassment for the minister or the government
  Legal and Policy Compliance
  • Non-compliance with various Government of Canada laws or policies may result in substantial legal liabilities or penalties (civil or criminal) and/or imprisonment
  National Interest, Public Safety and Security
  • Extensive impacts on federal-provincial-territorial and/or international relationships, resulting in threats to public safety and security
  • National security put in jeopardy
  Operations and Capacity to Deliver Programming
  • Consequences threaten survival of program and organization
  • Service interruption of more than six months
  Financial Resources and Assets
  • Loss, error or omission of greater than $25 million, or greater than 25 per cent of total managed funds

4: High

Event consequences can be endured by the organization but could result in significant impact

  Reputation and Relationships With Clients and the Public
  • Significant loss of client group trust
  • Public outcry for removal of the minister and/or departmental officials
  • Subject to an audit and/or investigation by the Office of the Privacy Commissioner (OPC)
  • Strong criticism by central agencies
  • Scrutiny by a parliamentary committee
  Legal and Policy Compliance
  • Non-compliance with Government of Canada laws or policies may result in significant legal liabilities or penalties (civil or criminal), such as a lawsuit
  National Interest, Public Safety and Security
  • Substantial impact on federal-provincial-territorial and/or international relationships
  • Substantial impact on public safety and security
  Operations and Capacity to Deliver Programming
  • Consequences threaten survival and continued effective functioning of the program, or require intervention by senior management or by elected representatives
  • Service interruption of one to six months
  Financial Resources and Assets
  • Loss, error or omission of between $15 million and $25 million, or between 15 per cent and 25 per cent of total managed funds

3: Medium

Event consequences can be absorbed with proper management to minimize the impact

  Reputation and Relationships With Clients and the Public
  • Some loss of client group trust
  • Media outcry for replacement of the minister and/or departmental officials
  • Moderate criticism by central agencies
  Legal and Policy Compliance
  • Non-compliance with Government of Canada laws or policies, which may result in limited legal liabilities or penalties (civil or criminal), such as a lawsuit
  National Interest, Public Safety and Security
  • Disruption to federal-provincial-territorial and/or international relationships
  • Moderate impact on public safety and security
  Operations and Capacity to Deliver Programming
  • Consequences do not threaten the program, but administering the program could be subject to significant review or change in operation
  • Service interruption of up to a month
  Financial Resources and Assets
  • Loss, error or omission of between $5 million and $15 million, or between 5 per cent and 15 per cent of total managed funds

2: Low

Event consequences can be absorbed with managed effort

  Reputation and Relationships With Clients and the Public
  • Setback in building of client group trust
  • Negative media attention
  • May be subject to an investigation by OPC
  • Minor criticism by central agencies and/or OPC
  Legal and Policy Compliance
  • Non-compliance with Government of Canada policies without legal liabilities or penalties (civil or criminal)
  National Interest, Public Safety and Security
  • Minor disruptions to federal-provincial-territorial relationships
  • Minimal impact on public health and security
  Operations and Capacity to Deliver Programming
  • Consequences threaten efficiency or effectiveness of some aspects of the program but can be dealt with internally
  • Service interruption of one day to one week
  Financial Resources and Assets
  • Loss, error or omission of between $1 million and $5 million, or between 1 per cent and 5 per cent of total managed funds

1: Negligible

Event consequences can be absorbed through normal activity

  Reputation and Relationships With Clients and the Public
  • No relationship damage
  • Some unfavourable media attention
  • Some unfavourable observation by central agencies and/or OPC
  Legal and Policy Compliance
  • Non-compliance with Government of Canada policies without legal liabilities or penalties (civil or criminal)
  National Interest, Public Safety and Security
  • Negligible impact on federal-provincial-territorial relationships
  • Negligible impact on public safety and security
  Operations and Capacity to Deliver Programming
  • Consequences are dealt with through routine operations
  • Service interruption of less than a single day
  Financial Resources and Assets
  • Loss, error or omission of less than $1 million, or less than 1 per cent of total managed funds