Privacy Impact Assessment for Info Bank

Executive Summary

In the mid-1990s the Treasury Board of Canada Secretariat (TBS) introduced the Shared Systems Initiative (SSI), which was intended to streamline systems development and management, develop a common information management and information technology (IM/IT) infrastructure, and make effective use of IT in government administration and service delivery.

The Department of Foreign Affairs and International Trade (DFAIT) has introduced the Info Bank to replace the Department’s existing electronic and paper-based document management methods for information up to the Protected A security designation. The Info Bank is based on the Government of Canada’s (GoC) Records and Document Information Management System (RDIMS), which flowed from the SSI. The implementation of Info Bank is assisting DFAIT to improve information capture, usage and disposal, and to provide a standard, unified method of managing documents and records.

In November 2007 a Preliminary Privacy Impact Assessment (PIA) was conducted by TBS, the Department of Finance, and the Canada Public Service Agency to determine if there was privacy issues associated with the RDIMS; and to provide recommendations on measures to avoid, control and mitigate privacy issues or risks identified. DFAIT also developed a PIA for Info Bank. Since Info Bank is very similar in nature to the RDIMS, the PIA was limited in focus to identifying any potential risks associated with the differences between DFAIT’s Info Bank and the TBS RDIMS PPIA.

As such, DFAIT’s PIA examined the aspects of the business model and data-flows as well as the policies and procedures relating to the Info Bank. It identified and evaluated any potential risks to the privacy of the personal information maintained within the system and recommended possible options for mitigating any risks that were identified. The PIA also evaluated existing privacy safeguards at the time the PIA was completed in order to determine whether they were sufficient to avoid or mitigate potential privacy risks and to determine if additional privacy safeguards were required.

While the requirements of the Privacy Act were adequately met, two (2) privacy risks were identified in the PIA, both which could be reasonably mitigated. The tables below summarize the privacy risks identified in the PIA, and categorizes the level of risk as low, moderate or high. Risk is defined by a factor of both impact and likelihood of occurrence. The goal of risk management is to maintain privacy risks within acceptable bounds. The higher ratings provide an indication of priority areas for implementing suggested risk mitigation mechanisms.

Privacy Risks Identified in the Privacy Impact Assessment
ElementTimely deactivation of user accounts
Nature of RisksAny delay in disabling a user’s access rights to Info Bank is a concern in that these individuals could continue to access Info Bank until their account is deactivated.
Risk LevelLow
Mitigating MechanismsAlthough assessed as being low, it is recommended that DFAIT ensure that user accounts are disabled as part of a mandatory exit procedure for all employees leaving the organization. This is particularly important with respect to those employees working outside of Canada.
Privacy Risks Identified in the Privacy Impact Assessment
ElementPrivacy and security awareness for all employees
Nature of RisksLack of appropriate security markings could result in the inappropriate sharing or storage of personal information.
Risk LevelLow
Mitigating Mechanisms

Although Info Bank makes it mandatory for the user to indicate the security of a document, it is recommended that inclusion of a security marking in the header or footer of all documents requiring a designation of Protected A is mandatory and that user manuals and job aids reflect this requirement.

Provide in-depth security and classification of documents training to all employees prior to allowing access to Info Bank