Government of Canada Pension Modernization Project – Release 1.5 - Enhanced Case Management and Imaging
Introduction
This document summarizes the Privacy Impact Assessment (PIA) Report that the Government of Canada undertook to ensure that privacy was considered throughout the development and deployment of Release 1.5 of the Government of Canada Pension Modernization Project (GCPMP). The PIA Report concluded that personal information is involved in Release 1.5 with an overall risk rating of "medium
". Implementation of the mitigation mechanisms described in the Privacy Risk Management Plan below will alleviate potential issues and concerns.
Background
Public Works and Government Services Canada (PWGSC) is the administrative authority for the disbursement of pay and pension services under the Department of Public Works and Government Services Act. PWGSC is responsible for the administration of pension plans for public servants governed under the Public Service Superannuation Act (PSSA), and for the administration of the respective pension plans for the Members of Parliament, Federal Judges, the Diplomatic Corps, and the Lieutenant Governors. The Department also provides pension services, on a cost recovery basis to the military members of the Department of National Defence (DND).
The GCPMP has been established to develop and implement Information Technology solutions for the renewal of PWGSC pension administration systems and services. The GCPMP will provide a modern pension administration system through the phased adoption of commercial-off-the-shelf (COTS) software based solutions.
Business Process
The business requirements for GCPMP Release 1.5 are focused on the automation and enhancement of service delivery to Clients. Release 1.5 consists of providing Public Service Pension Centre (PSPC) operations and other groups within Compensation Sector with enhanced case management capabilities and the addition of digitized images for all incoming documents received by mail and fax.
PSPC Agents include Pension Specialists, Client Inquiry, Pension Portability and Executive Services personnel. Unlike R1.0 where only half of the PSPC staff in Shediac were expected to access the system, Release 1.5 extends the Case Management capabilities to the rest of the PSPC operations, approximately 600 end users.
In Release 1.5, all incoming mail and faxes will now be received and digitized by the Cheques Redemption Control Directorate (CRCD) Imaging Facility located in Matane, Québec. Upon receipt of incoming hard copy mail or fax by the CRCD, an image of each document is captured. In addition to processing all incoming mail, Release 1.5 provides the capability to process requests received by electronic mail. An e-mail received from a Client will be automatically acknowledged by the system with an indication to the sender as to when an answer should be provided.
Personal Information Collected by GCPMP Release 1.5
The following data elements which constitute personal information are collected as follows:
- Personal Identifiers:
- Personal Record Identifier (PRI);
- Pension Number (PN); and
- Social Insurance Number (SIN) - in scanned documents only.
- Universal Unique Identifier (UUID) – for internal system use only.
- Names: Last and first name of an individual and other variations of names such as name changes, maiden name, given name, etc.;
- Dates: Date of birth, death, etc.;
- Addresses: Mailing address, temporary address, out of country address, e-mail address, fax number, etc.;
- Bank Information: Banking institution, transit number and account number; and
- Payment Information: cheque number, payment amount and encashment date.
The new imaging functionality in Release 1.5 does not have an impact on the following processes: Consent for Disclosure; Safeguarding Personal Information, Accuracy; Openness; Individual's Access to PI; and Challenging Compliance.
Data from the existing Production Control File Location System (PCFLS) will be converted and brought into the Case Management application. No other legacy applications or databases are being discontinued during the operational period for Release 1.5.
Data Analysis
Table Summary
The data flow analysis section of the PIA Report identifies and traces personal information from the point of collection to the point where all copies of the information are disposed or permanently destroyed. Table 1 – Data Flow Analysis - documents the personal information involved in three GCPMP Release 1.5 business processes: "Manage Contacts", "
Manage Correspondence" and "
Manage Contributions and Receivables".
Description | Collected by | Format | Purpose of Collection | Used by or Disclosed to | Storage or Retention Site |
---|---|---|---|---|---|
Name Salutation Home Address E-mail Address Phone Number Fax number Personal Reference Identifier Pension Number Date of Birth |
Toll free numbers CRM - Call Monitoring Manage incoming correspondence Legacy Annuitant/ Contributor Systems via SMIRS Bridge |
Phone IVR TTY Fax |
To manage client inquiries/ requests via PSPC Client Contact Centre | Active/Retired member (Ex) spouses/ (Ex) partners of an Active/Retired member Children of a Retired member Family members of an Active/ Retired member Power of Attorney/Lawyer |
Pension System Universal Client Management (UCM) Customer Relationship Management (CRM) |
Document Image Document PRI/PN Surname Given Name Address Phone Number E-mail Address |
Cheque Redemption Control Directorate (CRCD) System generated Agent or Pension Expert |
Fax Image |
To manage incoming and outgoing correspondence. | Active Member Retired Member Power of Attorney/Lawyer Employer External Stakeholder |
CRCD Imaging System Database CRCD Image Repository Customer Relationship Management (CRM) |
Cheques payments:
Department Remittance Information File for BPS:
|
Cheque Redemption Control Directorate (CRCD) Bill Payment Services (BPS) Contractor (National Bank of Canada) |
Image |
To handle receipt of contributions and other receivables. | Common Department Financial System (CDFS) Receiver General |
CRCD Imaging System Database CRCD Image Repository Bill Payment Services Database |
Privacy Risk Management
Table Summary
Section 6 of the PIA Report identifies GCPMP Release 1.5 privacy risks and potential risk mitigation strategies. Table 2 – Risk Management Plan - below summarizes that information.Risk Management Plan provides a summary of the privacy risks, likelihood of occurrence and mitigation measures
Element | Nature of risks | Level of risks | Proposed Mitigating Mechanisms |
---|---|---|---|
Potential Unauthorized Disclosure of Private Information | Inappropriate access Disclosure of personal information to unauthorized persons |
Low |
Continue to provide training to Agents Implement periodic audits of calls to monitor Refresher training on privacy issues |
Capturing Personal Identifier Data Over IVR (Integrated Voice Response) | Inappropriate access Compromise of personal information to unauthorized persons |
Low |
PRI or SA is not related to or stored with a name in the IVR |
Compliance with Privacy Act (ss. 5 (2)) for Privacy Statements | Inconsistent access to the Privacy Statement across all channels |
Low |
Callers are instructed to obtain the Privacy Statement via the existing website or to wait for an Agent Develop a standard, generic Privacy Statement for all channels Add a link in outgoing E-fax and E-mail messages to a web site with further information on PWGSC Privacy Policy |
Documented Security Procedures | Inappropriate access Compromise of personal information to unauthorized persons Accountability
|
Low |
Establish and document detailed security procedures for the collection, transmission, storage, and disposal of personal information |
Audit Logs and Audit Trails | Inappropriate access Compromise of personal information to unauthorized persons Unauthorized changes to personal information |
Medium |
Define audit requirements Design, develop and implement audit solution for all application software components |
Safeguards to Protect Personal Information | Inappropriate access Compromise of personal information to unauthorized persons Unauthorized changes to personal information |
Medium |
Implement safeguards recommended through the Certification & Accreditation process Continue to abide by conditions set out in Letter of Accreditation |
Conclusion
The highest privacy risk identified in the Privacy Risk Management Plan is evaluated as "medium
". PWGSC has examined the impacts and has proposed appropriate mitigation strategies for the identified privacy risks associated with Release 1.5 of GCPMP.
Most notably, there is a need for audit requirements and additional safeguards to be implemented to protect personal information. Security activities are being conducted in parallel with the PIA in accordance with the Certification & Accreditation (C&A) process.
The proposed mitigating mechanisms for the identified privacy risks indicate a continued commitment by the Crown in ensuring the confidentiality and privacy of the personal information collected from individuals.
- Date modified: