Government of Canada Pension Modernization Project, release 1.0: Privacy impact assessment summary

Introduction

The Government of Canada's Privacy Impact Assessment Policy requires the publication of a summary outlining the results of a privacy impact assessment. This requirement is considered desirable to demonstrate that privacy considerations were examined in the planning of a project.

The framework used in the preparation of this summary conveys a concise yet detailed description of the business process as well as indicating the identified privacy risks and recommendations for risk mitigation. Certain aspects of the business model description are omitted in order to avoid any compromise of security.

This document summarizes the privacy impact assessment that the Government of Canada undertook to ensure that privacy was considered throughout the development and deployment of release 1.0 of the Government of Canada Pension Modernization Project. The privacy impact assessment concluded that some personal information is involved in release 1.0.

The privacy risks identified in the privacy impact assessment of the Government of Canada Pension Modernization Project, release 1.0 are rated "low" in severity. Implementation of the mitigation mechanisms described in the privacy risk management plan below will alleviate these concerns.

Background

Public Works and Government Services Canada is the administrative authority for the disbursement of pay and pension services under the Department of Public Works and Government Services Act. The department is responsible for the administration of pension plans for public servants governed under the Public Service Superannuation Act, and for the administration of the respective pension plans for the members of Parliament, federal judges, the diplomatic corps, and the lieutenant governors. The department also provides pension services, on a cost recovery basis to the military members of the Department of National Defence.

The Government of Canada Pension Modernization Project has been established to develop and implement both the business transformation and information technology (IT) solutions for the renewal of Public Works and Government Services Canada's pension administration systems and services. The project will provide a modern pension administration infrastructure through the phased adoption of commercial off-the-shelf (COTS) software-based solutions for both core pension administration and customer relationship management (CRM). The transition to the COTS software based solution will be carried out in concert with a careful plan to transform the pension administration business organization, functions and processes.

Business process

The business requirements for Government of Canada Pension Modernization Project, release 1.0 are focused on the delivery of customer relationship management (CRM) and case management tools for Superannuation, Pension Transition and Client Services Sector pension experts in Shediac, New Brunswick. This includes a call centre application to handle incoming calls from clients, a training module and an identity management component for user authentication and access control.

Agents include Superannuation, Pension Transition and Client Services Sector pension specialists, client inquiry, pension portability and executive services personnel. Approximately half of the staff working in the client contact centre are expected to access and use the release 1.0 system.

Clients can be annuitants (retired members), contributors (active members) and employers. There are approximately 250,000 contributors and approximately 270,000 annuitants. Employers are federal government departments and Crown agencies.

The client will call a 1-800 number with an inquiry or request. There are three categories of 1-800 numbers available for clients to call: an executive services number, a general superannuation number and an employer number. Calls received through the executive number and teletype (TTY) calls received through the general superannuation number will be routed directly to a pension expert.

General inquiries on the superannuation number will be routed via an interactive voice response (IVR) system to an agent based on availability and skill set. Employer calls will be supported in a future release.

During fiscal year 2004 to 2005, 144,750 calls were made to the English and French general 1-800 service numbers by clients. The number of calls grew in fiscal year 2006 to 2007 and is expected to double due to the centralization of additional services to the Superannuation, Pension Transition and Client Services Sector.

Personal information collected by the Government of Canada Pension Modernization Project, release 1.0

The following data elements which constitute personal information are affected as follows:

personal identifiers: a caller will be required to enter their Personal Record Identifier (PRI) number (active member) or service agreement (SA) number (retired) into the interactive voice response (IVR) system to allow for call routing
names: the agents will be required to verify caller's identity once the call has been routed. This verification may include the following elements: case number, last and first name of an individual (or other variations of names), PRI number, SA number, relationship, address, phone number and email address

With release 1.0, the new functionality will not affect the way personal information is currently being handled or processed. No legacy applications or databases are being discontinued during the operational period for release 1.0.

Data analysis

The table below represents the personal information involved in the two business processes of the Government of Canada Pension Modernization Project, release 1.0.

Table 1: Data flow analysis
Business process	Description of personal information element	Collected by	Type of format (for example paper, electronic)	Used by or disclosed to	Purpose of collection	Storage or retention site
Manage contacts	name Personal Record Identifier (PRI) relationship address telephone number email address	interactive voice response (IVR) call monitoring legacy annuitant and contributor systems	telephone digital electronic	client inquiry executive services pension portability contributor or annuitant power of attorneys or lawyers	Manage client inquiries and phone requests by client contact centre	pension system universal client management (UCM) customer relationship management (CRM) IVR system data store
Manage correspondence	name address form letter details	system generated correspondence printed in a centralized area in the Superannuation, Pension Transition and Client Services Sector or locally for an agent to complete prior to mailing	Paper	print fulfillment operator agent management employers^{Footnote 1} external stakeholders^{Footnote 2}	Manage outgoing mail	annuitant and contributor legacy systems pension system universal client management (UCM)

Privacy risk management

Section 6 of the privacy impact assessment identifies the Government of Canada Pension Modernization Project, release 1.0 privacy risks and potential risk mitigation strategies. The table below summarizes that information.

Table 2: Risk management plan
Element	Nature of risks	Level of risks	Proposed mitigating mechanisms
Potential unauthorized disclosure of private information	inappropriate access disclosure of personal information to unauthorized persons	Low	continue to provide training to agents implement periodic audits of calls to monitor refresher training on privacy issues
Capturing personal identifier data over interactive voice response (IVR)	inappropriate access compromise of personal information to unauthorized persons	Low	Personal Record Identifier (PRI) or service agreement (SA) is not related to or stored with a name in the IVR
Compliance with Privacy Act, section 5(2)	This new telephony services may not provide callers with consistent access to the Privacy Policy and statement for pension services	Low	callers will be instructed to obtain the privacy statement either via the existing website or to wait for an agent develop a standard, generic privacy statement for all channels

Conclusion

The privacy risks identified in the privacy risk management plan are evaluated as "low" in severity. Public Works and Government Services Canada has examined the impacts and has proposed appropriate mitigation strategies for the identified privacy risks associated with release 1.0 of Government of Canada Pension Modernization Project.

Most notably, the use of the interactive voice response (IVR) highlighted a concern about the entry of a Personal Record Identifier (PRI) or service agreement (SA) number. The IVR system merely uses these numbers to direct the call and not to display any specific information on the agent's screen. Agents' scripts will prompt the agent to collect identification information from the caller and authenticate the caller using data held in legacy systems.

The proposed mitigating mechanisms for the identified privacy risks indicate a continued commitment by the Crown in ensuring the confidentiality and privacy of the personal information collected from individuals.

Footnotes

Footnote 1

Employers currently play an integral role in the delivery of pension services.

Return to footnote 1 referrer

Footnote 2

Canada Revenue Agency (CRA), Canada Pension Plan/Human Resources and Skills Development Canada (CPP/HRSDC), Quebec Pension Plan (QPP), Revenue Quebec, Treasury Board, House of Commons, Office of the Superintendent of Financial Institutions (OSFI), Auditor General, Bank of Canada (Canada Savings Bonds), Canadian Payments Association (via Direct Deposit Interface System), Royal Canadian Mounted Police (RCMP), British Columbia (BC) Medicare, Quebec Blue Cross, SunLife, non-Regional Pay System separate employers and Crown corporations, United Way and Federated Superannuates National Association (FSNA).

Return to footnote 2 referrer

Report a problem or mistake on this page

Date modified:: 2017-07-25

Language selection

Search and menus

Search